Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Versions installed via Snap don't delete files when users empty system trash Linux users who installed Microsoft's Visual ...

Socket notified Open VSX operators Eclipse Foundation of their findings, and the platform revoked tokens and removed the malicious releases. This doesn’t mean everyone is safe, though. Users who ...

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Two VSCode extensions are harvesting sensitive data and sending it to China.

More than 1.5 million people may have had their sensitive data exfiltrated to Chinese hackers through two malicious ...

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

This extension from CodeSecure provides access to static code analysis results from a CodeSonar hub inside Visual Studio Code. You will also need access to a CodeSonar hub running CodeSonar 7.1p0 or ...

Google's new AI-powered Antigravity IDE has triggered an intense discussion among developers after many users quickly concluded that the tool is based on Microsoft's Visual Studio Code. A Hacker News ...

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated ...