A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...

By Karyna Naminas, CEO of Label Your Data Choosing the right AI assistant can save you hours of debugging, documentation, and boilerplate coding. But when it comes to Gemini vs […] ...

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

The classic VS Code is great and all, but these specialized forks are better for certain programming tasks ...

Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...

The Conductor extension now can generate post-implementation code quality and compliance reports based on developer specifications.

Visual Studio 2026 includes GitHub Copilot functionality built into the IDE, while third-party AI coding assistants remain available through the Visual Studio Marketplace. Using Marketplace install ...

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...

For over 5 years, Arthur has been professionally covering video games, writing guides and walkthroughs. His passion for video games began at age 10 in 2010 when he first played Gothic, an immersive ...