
Posts by Cas van Cooten


Not thinking about infosec for a while 🥰

11 months ago 27 0 6 0

BTW - I don't see this as a vulnerability. It is (clearly) by design, just something to be cautious with for all the vibe coders out there :)

The @vscode.dev is doing an excellent job here - they even disable Copilot entirely in untrusted (restricted) workspaces.

1 year ago 1 0 0 0

quack.py needs work still

1 year ago 1 0 0 0

10/10 no notes, excellent blending in

1 year ago 2 1 2 0

Pretty fun proof of concept - VS Code's `copilot-instructions.md` allows for blatant backdooring of agents if any AI agents or edits are run from an untrusted repository. It can seemingly fulfil the user's request, but actually implement (and hide) some nefarious side activities 😂

1 year ago 6 0 1 0

Very glad I'm not going - at least for this year. We'll see if (or when?) this situation crystallizes out 😅

1 year ago 1 0 1 0

This is actually so good 👌

1 year ago 0 0 0 0

Yes! Already made plans to link up 🙌

1 year ago 0 0 1 0

Touched down in Singapore! Looking forward to Black Hat Asia. Hope to see many of you around!

1 year ago 4 0 1 0
A diagram describing the negotiate protocol, only saying 'negotiate protocol' twice between client and server

This must be the most informative graphic contained in the Microsoft docs
learn.microsoft.com/en-us/opensp...

1 year ago 6 1 1 0

Doing it out of spite. Love it! 😂

1 year ago 1 0 1 0

Yeah on sunny days I sometimes get 15-20kWh from my panels of which almost everything is returned to grid 😅. I guess it's not really about that number though, but more the question "does 2.7kWh last you until the next sunrays" maybe. And the 800W extra is nice to cover peak usage that exceeds solar

1 year ago 1 0 1 0

Good stuff! Definitely subscribing to your opinions on it in the future 😂. 2.7kWh ain't much but it's enough to bridge the night on solar I guess!

1 year ago 1 0 1 0

I've been keeping an eye on these! What is your experience so far? Seems like a great solution in between nothing and a ridiculously expensive all-out battery setup. Too much uncertainty regarding saldering for me to buy anything yet tho 😂

1 year ago 0 0 1 0

Truly mask off at this point.. it's saddening

1 year ago 1 0 0 0

I was invited to present Nimplant at Black Hat Asia 2025 in Singapore this April! If you're around, please do reach out to talk offensive development, modern programming languages, or how to use (or detect) Nimplant in your ops. Looking forward to it!

www.blackhat.com/asia-25/arse...

1 year ago 0 0 0 0

That's very cool! I briefly looked into adding plugins the "classical" way as well but backdooring an existing one seems much cleaner. Nice post!

1 year ago 0 0 0 0
Abusing VS Code's Bootstrapping Functionality To Quietly Load Malicious Extensions
Wow, been a while since my last blog 😅. During some research I came across a technique variation which I felt was interesting enough to share in a brief blog post. It relates to how the bootstrapping ...

Recently came across a pretty neat technique to silently load (malicious) VS Code extensions using its bootstrapping and portability features. Thought it was interesting enough to warrant my first blog post in 4 years 🙃

Check it out 👇
casvancooten.com/posts/2025/0...

1 year ago 7 3 0 0

Nice Johannes, thanks!

1 year ago 0 0 0 0

Haha yeah this sounds familiar 😅. The smaller the feature the more bugs will pop up 😂

1 year ago 1 0 0 0

Great updates! Thanks for sticking with the maintenance, still very useful in work automations! 🔥

1 year ago 2 0 1 0

First day back after leave, man does my brain feel the same trying to remember what all I did before 😂😂

1 year ago 0 0 0 0

Thumb 11/10, will definitely watch first thing after holiday 😂

1 year ago 3 0 0 0
ALT: a puppet master poster shows a hand holding a puppet on strings
1 year ago 2 0 0 0

Lol 75% thought leader, must be because I interact with @xpnsec.com too much 😂
blueskyroast.com/roast/casvan...

1 year ago 6 0 1 0
ALT: a group of people are screaming and laughing in a crowd

let's goooo

1 year ago 0 0 0 0

Agreed, they're so much fun as a collectible.. maybe we should start re-using badges, new badge for first-time con visitors, firmware update for existing badge holders? 😂

1 year ago 2 0 1 0

I think it's the latter for most? Less frustrations with the platform maybe, and/or not willing to juggle multiple platforms (temporarily) potentially

1 year ago 1 0 0 0

Unfortunately there are still too many capable and informative folks on there :(. At least to the degree I'm not comfortable burning my account with fire just yet. @xpnsec.com is doing a great job with influencing everyone to move over here, though!

1 year ago 1 0 2 0

My ears were ringing when this was presented at RedTreat. Time for round two with this blog and tool release 😅 🔥

1 year ago 1 0 1 0