SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
River Journal Online

Which One Wins for Developers: Gemini or ChatGPT

By Karyna Naminas, CEO of Label Your Data Choosing the right AI assistant can save you hours of debugging, documentation, and boilerplate coding. But when it comes to Gemini vs […] ...
ET CIO

7 Best AI Code Review Tools for DevOps Teams in 2026

Discover the leading AI code review tools reshaping DevOps practices in 2026, enhancing code quality, security, and team productivity with automated solutions.
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to China-based servers.
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
Fox News

Malicious Mac extensions steal crypto wallets and passwords

Mac users often assume they're safer than everyone else, especially when they stick to official app stores and trusted tools. That sense of security is exactly what attackers like to exploit. Security ...
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are ...
TWCN Tech News

Create real-time interactive flowcharts for your code using VS Code CodeVisualizer

In this post, we will show you how to create real-time interactive flowcharts for your code using VS Code CodeVisualizer. CodeVisualizer is a free, open-source Visual Studio Code extension that ...
Visual Studio Magazine

Microsoft Tests Copilot-Powered Tool to Modernize JavaScript/TypeScript in VS Code

Microsoft is previewing a new AI-assisted tool for Visual Studio Code Insiders called the JavaScript/TypeScript Modernizer. It's designed to help developers modernize older JavaScript or TypeScript ...
Developer Tech

Malware campaign uses VS Code extensions for A/B testing

A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions. In a campaign tracked by Koi, a threat actor published two malicious VS Code ...