VS Code’s AllowedExtensions policy shipped in November 2024. GitHub — a Microsoft subsidiary — wasn’t enforcing it when a poisoned Nx Console extension walked out with 3,800 internal repos in 11 minutes. The policy framework was never missing. The enforcement was. Here’s the Intune remediation script and the Copilot/MCP guardrails that close the exact attack path TeamPCP used.
Security: Managing Shadow Tenants with Microsoft Entra Governance
If you manage Microsoft Entra for clients, shadow tenants are now easier to spot with related-tenant discovery signals (B2B, multitenant apps, and shared billing). The practical playbook is straightforward: enable continuous discovery, triage unknown tenants, and quarantine untrusted ones until assessed. Also plan now for the August 15, 2026 retirement of the legacy workforce tenant creation flow.
