VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

VS Code is no longer just an IDE.

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...

Business and enterprise users can now connect their own API keys to use LLMs via OpenRouter, Ollama, Google, OpenAI, and more ...

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Malicious browser extensions disguised as TikTok downloaders compromised 130,000 users, exposing a growing blind spot in ...

Microsoft has released Visual Studio Code version 1.116, introducing a set of AI-focused improvements that refine developer ...

The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace checks and silently installing malware onto developers’ systems. Threat ...

The Copilot Studio extension for Visual Studio Code is now generally available, allowing agents to be developed and managed directly from the editor. The extension enables software-style workflows for ...

Visual Studio Code is a desktop source code editor designed for software development on Windows systems. It provides a clean editing environment combined with powerful features that support writing, ...

The Copilot Studio extension lets developers use any VS Code-compatible AI assistant to develop AI agents, then sync with Copilot Studio for testing and iteration. Microsoft is offering a Microsoft ...