InfoQ

VS Code 1.123 Adds Two-Hour Extension Update Delay to Limit Supply Chain Attacks

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Visual Studio Magazine

Using Local AI to Cut Copilot Usage-Based Billing Shock

After being gobsmacked by the new billing plan using almost all my monthly credits in one or two days, I tried pushing some Copilot-style coding work onto local models in VS Code. What I found was ...
The Tech Edvocate

How to install Visual Studio Code

Spread the love“`html Visual Studio Code (VS Code) has rapidly become one of the most popular code editors among developers worldwide. Its flexibility, ease of use, and robust features make it a go-to ...
The Tech Edvocate

How to install extensions in VS Code

Spread the love“`html Visual Studio Code (VS Code) has rapidly become one of the most popular code editors in recent years. With its versatility and extensive customization options, it caters to ...
XDA Developers on MSN

Terminal agents are replacing VS Code as the center of my development workflow

The agent is doing the actual work, and VS Code is just a window.
Crypto Briefing

Microsoft fixes severe VS Code vulnerability enabling GitHub token theft

Security researcher Ammar Askar disclosed a critical vulnerability in Visual Studio Code on June 2, 2026, revealing that attackers could steal GitHub OAuth tokens through a deceptively simple ...
Bleeping Computer

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...
techtimes

GitHub CISO Names Nx Console as Root of 3,800-Repo Breach: OpenAI, Grafana Also Hit

GitHub CISO Alexis Wales confirmed Thursday that a poisoned build of the Nx Console Visual Studio Code extension — live on Microsoft's official Visual Studio Marketplace for just 18 minutes on May 18 ...
CSOonline

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini ...
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed ...
Infosecurity-magazine.com

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks. In a report published on ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...