A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...

Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...

Visual Studio Code just released its November 2025 update, version 1.107. There are more improvements for AI coding agents ...

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...

The threat actor skill floor may soon lower as vibe coded ransomware has seemingly been published as an extension for Microsoft's AI code editor Visual Studio Code (VS Code). John Tuckner, founder of ...

VS Code has become the top choice for web developers. It’s been around only 8 years but has grown a lot. This is thanks to its huge library of extensions and how it boosts productivity. VS Code’s ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension ...

Microsoft activated stricter license enforcement for its popular C/C++ extension for Visual Studio Code earlier this month, a move that now prevents the add-on from working in unofficial VS Code ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...