Focus on the code, not the side work.

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Try these extensions and you'll wonder how you ever lived without them!

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

Microsoft has embedded GitHub Copilot as a default VS Code extension in version 1.116, adding agent debug logging, terminal upgrades, and inline diffs.

The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading ...

VS Code Extensions have transformed the code editor into a productivity powerhouse. GitHub Copilot enables AI-powered autocomplete, multi-line code generation, and context-aware suggestions, helping ...

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor. With Microsoft now releasing stable updates to its Visual Studio Code ...

Native browser integration in chat is designed to make web debugging tasks (DOM interaction, screenshots, console logs) available directly to AI agents. Agent workflows are expanding with ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...