Some developers thought they were installing a dark theme and an AI assistant on their VS Code. However, it turned out to be malware that stole their data. Researchers at Koi, a cybersecurity firm, ...

Send a note to Doug Wintemute, Kara Coleman Fields and our other editors. We read every email. By submitting this form, you agree to allow us to collect, store, and potentially publish your provided ...

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain ...

Organizations have accidentally exposed secrets across Microsoft Visual Studio Code (VS Code) marketplaces, posing significant risks not just to the organizations themselves but also to the greater ...

Ever since it came under the public eye, ChatGPT has exploded in popularity. The chatbot launched by OpenAI only a few months ago is famous to the point that servers are struggling to keep up. While ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...

Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” ...

Visual Studio Code (VS Code) has quickly become one of the most popular code editors among developers—and for good reason. It’s fast, lightweight, and highly customizable. But what truly sets it apart ...