Despite the programming landscape teeming with cool code editors, many developers (including yours truly) rely on Visual Studio Code to develop apps, create scripts, and edit config files. After all, ...

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...

A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.

If you’ve ever found yourself staring at your Visual Studio Code (VS Code) setup, wondering if it could work just a little harder for you, you’re not alone. As developers, we spend countless hours in ...

A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero. Microsoft VSCode is a ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...

Microsoft has begun decommissioning IntelliCode in VS Code, ending free local AI-assisted completions and shifting its ...