A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it.

VS Code flaw lets attackers reuse deleted extension names, enabling ransomware payload delivery and supply chain risks.