Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Microsoft's VS Code 1.113 release packages a range of smaller updates across agent experience, chat experience, and editor experience, arriving as the company shifts the editor to a weekly release ...

Anthropic is fitting its Claude Code AI-powered coding assistant with an auto mode for the Claude AI assistant to handle ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Everything you may have missed from the past week.

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...