Malware targets macOS developers via compromised VS Code extensions, stealing credentials and crypto data via ...

Microsoft enhances Visual Studio 2026 with AI reliability upgrades, better failure handling, and agentic workflows for enterprise development.

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Microsoft outlines new AI reliability, agentic coding, and Copilot improvements coming to Visual Studio 2026, with a focus on ...

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

Socket notified Open VSX operators Eclipse Foundation of their findings, and the platform revoked tokens and removed the malicious releases. This doesn’t mean everyone is safe, though. Users who ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...

The Python extension will automatically install the following extensions by default to provide the best Python development experience in VS Code: If you set this setting to true, you will manually opt ...

Microsoft has officially announced the general availability of the Copilot Studio extension for Visual Studio Code. As a result, developers now have a more structured way to build and manage Copilot ...