The VS Code killer I wasn’t expecting ...

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, version, review, and deploy Copilot Studio agents using standard software ...

A new Visual Studio Code extension called Nogic sparked a wide-ranging Hacker News discussion, with commenters praising its graph-based approach to understanding complex codebases while also raising ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

In this post, we will show you how to create real-time interactive flowcharts for your code using VS Code CodeVisualizer. CodeVisualizer is a free, open-source Visual Studio Code extension that ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

You start by getting the official installer from the Visual Studio Code website. Open your preferred browser on Windows. Go to the Visual Studio Code download page ...

In December 2025, the GlassWorm supply chain malware campaign emerged again, affecting both the Microsoft Visual Studio Marketplace and Open VSX platforms. This episode involved 24 extensions posing ...

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...