Google decided to fork Visual Studio Code because the standard extension API was too restrictive for an agent-first plan.
Threat actors are still abusing Visual Studio Code extensions as an entry point, with the latest fake Prettier incident ...
Microsoft previews a GitHub Copilot-powered VS Code Insiders tool that modernizes JavaScript/TypeScript apps by upgrading npm ...
Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
VSCodium avoids this entire issue. It is a community-driven option for those who don't want the proprietary distribution ...
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data ...
A new malware campaign is A/B testing delivery effectiveness on software developers using malicious VS Code extensions.
CHICAGO, Nov. 13, 2025 /PRNewswire/ -- Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords and passkeys, infrastructure secrets, remote ...