Episode 13: Malicious VS Code Extensions & The Future of AI Security

Update: 2025-10-29

Description

In this episode of Secure Disclosure, host Mackenzie Jackson explores the growing threat of malicious VS Code extensions with Rami McCarthy from Wiz and Charlie Eriksen from Aikido Security, diving into how leaked secrets and clever obfuscation put developers at risk. Later, Patrick Debois, the “Godfather of DevOps,” joins to discuss the rise of AI-native development, how it mirrors past DevOps shifts, and what it means for the future of secure software.Links: Original Post from Aikido: https://www.linkedin.com/feed/update/urn:li:activity:7384986044867256320Wiz Security Research on VS Code https://www.wiz.io/blog/supply-chain-risk-in-vscode-extension-marketplaces Rami McCarthy LinkedIn: https://www.linkedin.com/in/ramimac/Patrick Debois LinkedIn: https://www.linkedin.com/in/patrickdebois/Charlie Erkson Linkedin: https://www.linkedin.com/in/charlie-eriksen-a318578/Chapters00:00 — Introduction01:10 — Malicious VS Code Extensions06:00 — Leaked Secrets & Supply Chain Risk15:00 — npm Security Updates & SafeChain19:00 — The Future of AI Development

Comments

In Channel

Shai Hulud The Second Coming & Malware for Hire: The Secure Disclosure Podcast

2025-12-0929:58

Attackers Targeting Code Editors and Critical Infrastructure with Vangelis Stykas & John Tuckner

2025-11-1842:01

The Accidental Founder: From Open-Source to AI Startup

2025-11-1129:29

Secure Code and AI - Paul McCarty & Sooraj Shah on Securing AI Code

2025-11-0422:12

Episode 13: Malicious VS Code Extensions & The Future of AI Security

2025-10-2955:55

Building, Investing, and the Future of AI: Maarten Mortier on the New Era of Venture Capital

2025-10-1646:40

AI, Code, and Confidence: The Future of Secure Development with Matias Madou

2025-10-1431:15

Digital Identities, Fraud, and the Future of AI with Veriff & Timefold: The Secure Disclosure

2025-10-0648:50

The Largest Breach That Wasn’t: Debug & Chalk + NPM’s Almost-Apocalypse

2025-09-1928:58

Phishing, Zero-Clicks & World Champion Hackers: The Secure Disclosure

2025-09-1452:47

Secrets in the Open: The NX Breach and Cloud Security’s Future - The Secure Disclosure Podcast

2025-09-0556:21

AI Cyber Defense & Cyborg Hackers - The Future of Security: The Secure Disclosure

2025-08-2945:43

Erlang RCE Vulnerability, Finding Security Champions and Securing AI Applications

2025-08-2152:20

Security Flaws, Phishing Attacks & Code Quality: Vibe Coding’s Dark Side: The Disclosure Episode 3

2025-08-1436:22

Inside the SharePoint Exploit: How Eye Security Discovered the Attack

2025-08-1451:32

McDonalds Breach, XAI Doge Leak and More: The Disclosure Show

2025-08-1443:52

00:00

Episode 13: Malicious VS Code Extensions & The Future of AI Security

#box-pro-ellipsis-176583329899073{-webkit-line-clamp:2;}Episode 13: Malicious VS Code Extensions & The Future of AI Security

Episode 13: Malicious VS Code Extensions & The Future of AI Security

Mackenzie Jackson

Episode 13: Malicious VS Code Extensions & The Future of AI Security