Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

Overview: TypeScript is widely used in large projects because its typing works better with AI coding assistants and reduces bugs.JavaScript remains best for sma ...

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

网络安全研究人员发现两款伪装成AI编程助手的恶意VS Code插件，总安装量达150万次。这些插件分别是"ChatGPT-中文版"和"ChatGPT-ChatMoss"，功能正常但暗中将用户打开的文件和源代码修改发送至中国服务器。插件还内置实时监控功能，可远程触发窃取工作区文件，并通过隐藏框架加载四个中国数据分析SDK进行设备指纹识别。

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

与朝鲜有关的网络间谍组织正在将全球开发者广泛使用的工具——Visual Studio ...

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft Visual Studio Code in their attacks.

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

In this post, we will show you how to create real-time interactive flowcharts for your code using VS Code CodeVisualizer. CodeVisualizer is a free, open-source Visual Studio Code extension that ...