North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Everything you may have missed from the past week.

Visual Studio Code 1.112, released March 18, expands Copilot agent autonomy, adds MCP server sandboxing on macOS and Linux, enables in-editor web app debugging, and broadens monorepo support for agent ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Thousands of people are trying Garry Tan's Claude Code setup, which was shared on GitHub. And everyone has an opinion: even ...

Since Andrej Karpathy coined the term “vibe coding” just over a year ago, we’ve seen a rapid increase in both the ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.

A recreation of the classic Visual Basic 6 IDE and language in C# using Avalonia. This is a fun, toy project with no commercial intent. All rights to the Visual Basic name, icons, and graphics belong ...

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...