Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...