A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

For a few days now, a supply chain attack has been running through the Visual Studio Code marketplaces. Both Microsoft's Marketplace and the alternative Open-VSX marketplace of the Eclipse Foundation ...

If you want to set and use Deepseek-R1 in Visual Studio Code, follow the steps below. Install Visual Studio Code Download Ollama Install the CodeGPT Extension Install DeepSeek models Use DeepSeek in ...

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...

A new malware worm campaign has infected multiple Microsoft Visual Studio Code extensions using invisible Unicode characters to hide malicious code from both reviewers and security tools, security ...

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated ...

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...

Microsoft has introduced a new AI-powered capability called Planning in Visual Studio, now available in public preview as part of Visual Studio 2022 version 17.14. The feature extends GitHub Copilot's ...