The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
Windows Report

Microsoft Details Roadmap for Visual Studio, Featuring New Agents and GPT-5 Codex

Microsoft’s November Visual Studio roadmap highlights new AI agents, GPT-5 Codex integration, and improved MCP governance.
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.

Ai2 Launches OlmoEarth: State of the Art Foundation Models and Open Infrastructure to Tackle the Planet's Biggest Problems

Ai2 (The Allen Institute for AI) today announced the OlmoEarth Platform, the first open, end-to-end solution that transforms ...
XDA Developers on MSN

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...