Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

🚀 What's Coming Next: I'm building an AI Agent Feedback Loop System that enables intelligent collaboration between Claude Code and Gemini AI. This will create a continuous improvement cycle where ...

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.

The classic VS Code is great and all, but these specialized forks are better for certain programming tasks ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

By Karyna Naminas, CEO of Label Your Data Choosing the right AI assistant can save you hours of debugging, documentation, and boilerplate coding. But when it comes to Gemini vs […] ...

A Microsoft Visual Studio Code extension for Moltbot turns out to actually deliver a malware payload to unsuspecting users.

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

It's no less than a modern miracle ...

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...