GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
XDA Developers on MSN

I've been vibe-coding my own Chrome extensions, and I can't stop

More fun than it should be, honestly.

Vibe coding apps taught me how hard real coding is

Garbage in, garbage out” applies just as much to AI-assisted vibe coding as it does to old-fashioned software development, as I learned the hard way.
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
GitHub

LLM powered development for VSCode

When using the Inference API, you will probably encounter some limitations. Subscribe to the PRO plan to avoid getting rate limited in the free tier. Requests for code generation are made via an HTTP ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
How-To Geek on MSN

I thought I knew VS Code, but these 5 features proved me wrong

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.