GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

Microsoft expanded model choice in VS Code with Bring Your Own Key (BYOK), enabling developers to connect models from any provider and manage them through a new extensible API.

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...

Today is Microsoft' 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited ...

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...

A malicious extension was published on Microsoft ’s official VS Code marketplace, and was able to remain there for some time ...

Microsoft has released the October 2025 update for Visual Studio 2022 (17.14). Read on to learn everything new in this update ...