Leveraging VSCode internals to escape containers
Do you know what actually happens under the hood when VS Code or Cursor connects to a remote environment? In this article, we break down that machinery and show how attackers can abuse those internals to escape containment and bypass the very boundaries developers assume are protecting them.
