Microsoft has released VS Code 1.123 with a new Research Agent, AI session syncing, Chronicle search, browser upgrades, and ...

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...

GitHub confirmed a breach affecting about 3,800 internal repositories after an employee installed a malicious VS Code ...

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

About three years ago Microsoft released a new source code editor for Windows, Linux, and macOS. This was named Visual Studio Code. It is way lighter IDE than various editions of the legendary Visual ...

VS Code 1.121 was released May 20, 2026, featuring yet another update to Claude Code, becoming more and more a first-class citizen in the VS Code ecosystem. Remote agents can run over SSH or dev ...

VS Code 1.120 brings the Agents window to Stable preview. The new window opens from a title-bar button. Agent customizations include Agents, Skills, Instructions, Hooks, MCP Servers and Plugins. It ...

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...

GitHub disclosed that attackers used a malicious Visual Studio Code extension on an employee's laptop to exfiltrate roughly 3,800 of its internal repositories.

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.

Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...