Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
GitHub

ty extension for Visual Studio Code

A Visual Studio Code extension for ty, an extremely fast Python type checker and language server, written in Rust. The extension ships with ty==0.0.12. Once installed in Visual Studio Code, ty will ...
GitHub

McCReuben/SQL-Runner-VSCode-Extension-

Execute SQL queries directly from VS Code with Cmd+Enter (Mac) or Ctrl+Enter (Windows/Linux). View results in a beautiful table interface with export capabilities.

dbForge 2025.3: AI Assistant in SQL Complete, Expanded Connectivity, and Smarter SQL Workflows

Forge 2025.3 adds AI Assistant to SQL Complete, supports SSMS 22, Visual Studio 2026, MySQL 9.5, MariaDB 12.2, and ...

New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.
XDA Developers on MSN

4 VS Code forks built for specific tasks

The classic VS Code is great and all, but these specialized forks are better for certain programming tasks ...
The Hacker News

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like ...