SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
XDA Developers on MSN

5 developer tools that are incredible even if you're not a developer

Powerful tools built for developers, useful for everyone ...
TechRadar

Malicious Microsoft VSCode AI extensions might have hit over 1.5 million users

Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...
Women's Health

The 15 Best Lower-Body Exercises for Your Leg Day Routine, According to Trainers

There are only a few things in life more humbling than leg day—but adding a lower-body session into your workout split is a surefire way to build strength and confidence, move better, and crush ...
Cosmopolitan

I’m a Beauty Editor Who Rarely Gets Manicures—These Press-On Nails are Just as Good

We may earn commission from links on this page, but we only recommend products we love. Promise. Although they have so many short nail options, if you love very-long nails, you might not find them to ...
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...