GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...

Socket has notified the Eclipse Foundation, which oversees the Open VSX marketplace, of the latest fraudulent additions, and Burckhardt expects that by now all 73 have been deleted.

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

A malicious version of the Bitwarden command-line interface (CLI) password manager was briefly distributed via the Node ...

A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.

Microsoft is making Visual Studio more agentic. New tools handle remote coding tasks and analyze live app behavior to find ...

Beyond remote AI management, Microsoft is tackling the high cost of coding bots with new token efficiency tech. See what ...

Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes ...

The popular Notepad++ coding editor is now available as a native macOS app, following a successful open-source community port ...

Daniel Roe and over 250 contributors. It emphasizes speed and features absent in the official npmjs.com interface, such as ...