A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

Enterprise giant Salesforce is looking to ride the vibe-coding wave — where developers describe what they want in natural language and AI agents write the code — with its new AI-powered developer tool ...

Cybersecurity researchers have uncovered a loophole in Microsoft’s Visual Studio Code (VS Code) Marketplace that enables attackers to reuse deleted extension names, potentially allowing malware to ...

Thank you very much for providing and maintaining this extremely helpful remote extension. I wanted to bring attention to a recent security issue that affected the official Visual Studio Code Remote - ...

The Amazon Q Developer VS Code Extension is reportedly vulnerable to stealthy prompt injection attacks using invisible Unicode Tag characters. According to the author of the “Embrace The Red” blog, ...

Microsoft has released a new GitHub Copilot extension in public preview designed to help enterprise .NET developers modernize and migrate legacy applications to Azure. Integrated with Visual Studio ...