Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Brendan Greene is back to modding, but now it's his own game.

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

A sophisticated malware operation targeting software developers has expanded its reach by exploiting trusted extension ecosystems, with security researchers uncovering dozens of malicious packages ...

Microsoft is speeding up the delivery of its Visual Studio Code updates. Since last summer, the company has been making ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

You also get to escape Microsoft telemetry tracking too.

Microsoft shifts Visual Studio Code to weekly releases, allowing faster AI feature updates and improvements to developer workflows.

NetEase Games will be cutting off funding to Nagoshi Studio in May, according to a spokesperson that spoke with Bloomberg. Nagoshi Studio is led by Yakuza franchise creator Toshihiro Nagoshi and the ...