Dark Reading

Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk

Organizations have accidentally exposed secrets across Microsoft Visual Studio Code (VS Code) marketplaces, posing significant risks not just to the organizations themselves but also to the greater ...
Bleeping Computer

Microsoft Visual Studio Code flaw lets extensions steal passwords

Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS ...
CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
Bleeping Computer

Microsoft open-sources VS Code Copilot Chat extension on GitHub

Microsoft has released the source code for the GitHub Copilot Chat extension for VS Code under the MIT license. This provides the community access to the full implementation of the chat-based coding ...
ZDNet

Why I'm switching to VS Code. Hint: It's all about AI tool integration

Well, I guess it had to happen. I used profanity and pejoratively scolded an AI. I'm not proud. You could say I did it to myself, and that is true. But I did this for you, so please read on. Let's ...