Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
10don MSN
Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files
Many have run out of disk space entirely ...
The Copilot Studio extension lets developers use any VS Code-compatible AI assistant to develop AI agents, then sync with Copilot Studio for testing and iteration. Microsoft is offering a Microsoft ...
A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
I tried a Claude Code rival that's local, open source, and completely free - how it went ...
The Register on MSN
VS Code for Linux may be secretly hoarding trashed files
Versions installed via Snap don't delete files when users empty system trash Linux users who installed Microsoft's Visual ...
Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...
Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results