Google decided to fork Visual Studio Code because the standard extension API was too restrictive for an agent-first plan.

Malicious Visual Studio Code extensions disguised as dark themes and AI assistants infect developers with infostealing malware, stealing cookies, WiFi passwords, and system data.

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data ...

VSCodium avoids this entire issue. It is a community-driven option for those who don't want the proprietary distribution ...

Amazon announced 1Password LLC as a launch partner for Nova Act, bringing the company’s secrets and credentials security ...

GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.

The threat actor skill floor may soon lower as vibe coded ransomware has seemingly been published as an extension for Microsoft's AI code editor Visual Studio Code (VS Code). John Tuckner, founder of ...

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns. Visual Studio developers are targeted with a self-propagating worm in a ...