PinnedAmit AssarafWhen Chrome Extensions Turn Against Us: The Cyberhaven Breach and BeyondDid you ever wonder what happens when a cybersecurity company becomes a tool for spreading malware? This is exactly what happened to the…Dec 31, 2024Dec 31, 2024
Amit AssarafVSCode Extension Trivia: Real or Cake?It’s me again. It has been a few months since the latest blog post that went quite viral — “How We Hacked Multi-Billion Dollar Companies…Dec 18, 2024Dec 18, 2024
Amit Assaraf6/6 | Uncover Hidden Risks: CISO’s Guide to Using ExtensionTotal API for Your OrganizationAfter publishing our research and releasing ExtensionTotal, I’ve had the privilege of working with security teams from amazing companies…Jul 5, 2024Jul 5, 2024
Amit Assaraf5/6 | Breaking the Internet: The Aftermath Of Our ResearchIf you work in cybersecurity, and you haven’t already, it’s time you read the research we published a few weeks ago about “How We Hacked…Jun 22, 2024Jun 22, 2024
Amit Assaraf4/6 | Introducing ExtensionTotal: How to Assess Risk in VS Code ExtensionsIn the previous blog post, “3/6 | A Letter to Microsoft: Uncovering Design Flaws of Visual Studio Code Extensions” " we addressed a letter…Jun 6, 20242Jun 6, 20242
Amit Assaraf3/6 | A Letter to Microsoft: Uncovering Design Flaws of Visual Studio Code ExtensionsIn the previous blog post, “2/6 | Exposing Malicious Extensions: Shocking Statistics from the VS Code Marketplace” we shared shocking…Jun 3, 20243Jun 3, 20243
Amit Assaraf2/6 | Exposing Malicious Extensions: Shocking Statistics from the VS Code MarketplaceIn the previous blog post “1/6 | How We Hacked Multi-Billion Dollar Companies in 30 Minutes Using a Fake VSCode Extension”, we told the…Jun 2, 20249Jun 2, 20249
Amit Assaraf1/6 | How We Hacked Multi-Billion Dollar Companies in 30 Minutes Using a Fake VSCode Extension30 minutes. 30 minutes is how long it took us to develop, publish, and polish a Visual Studio Code (The most popular IDE on the planet with…May 12, 20244May 12, 20244