A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.

Despite the programming landscape teeming with cool code editors, many developers (including yours truly) rely on Visual Studio Code to develop apps, create scripts, and edit config files. After all, ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...

Agentic AI is the place to be these days as a Microsoft-centric developer, and as advanced GenAI works its way into the brand-new Visual Studio 2026, several agentic tools are already available for it ...

The threat actor skill floor may soon lower as vibe coded ransomware has seemingly been published as an extension for Microsoft's AI code editor Visual Studio Code (VS Code). John Tuckner, founder of ...

Rocket Software is introducing the Rocket MV BASIC for Visual Studio Code 1.6.0 extension, now available on the Visual Studio Code Marketplace. Rocket MV BASIC for VS Code (MVVS) allows BASIC ...

Microsoft has begun decommissioning IntelliCode in VS Code, ending free local AI-assisted completions and shifting its ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...