Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoWorld

Working with the Windows App Development CLI

Microsoft is previewing an open-source command-line tool designed to speed up Windows application development, testing, and delivery.
IEEE

Programmers’ Visual Attention on Function Call Graphs During Code Summarization

Abstract: This paper studies programmer visual attention on code as it relates to underlying function call graphs during code summarization. Programmer visual attention refers to where people look ...