A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code ...

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...

The threat actor skill floor may soon lower as vibe coded ransomware has seemingly been published as an extension for Microsoft's AI code editor Visual Studio Code (VS Code). John Tuckner, founder of ...

VS Code has become the top choice for web developers. It’s been around only 8 years but has grown a lot. This is thanks to its huge library of extensions and how it boosts productivity. VS Code’s ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...