Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...
GitHub

balaji-premkumar/vscode-sql-notebook-extension

A VS Code extension that brings Azure Data Studio-style SQL notebook functionality to Visual Studio Code. Execute SQL queries in Jupyter-style notebook cells with full connection management, an object ...
dbta

Big Data

Alation Inc., the agentic knowledge layer that drives outcomes, is introducing outcome-based governance, a new approach to data governance that replaces manual, process-driven programs with an ...