Cyble Researchers Uncover Sophisticated Attack Using VSCode for Remote Access
Cyble Researchers Uncover Sophisticated Attack Using VSCode for Remote Access
02 October 2024
Cyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine.