The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Microsoft Virtual Studio Code is being targeted by North Korean hackers

The contagious interview campaign continues.
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
InfoWorld

Visual Studio Code adds agent development extension

The Copilot Studio extension lets developers use any VS Code-compatible AI assistant to develop AI agents, then sync with ...
Stark Insider

Cursor’s New Visual Editor Turns Your IDE Into a Web Design Studio

Modern IDEs are evolving into AI-powered hubs for coding, content, and productivity. Get your scorecards out, we have yet another update in the ever expanding world of code editors. The barrier to ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
Android

Google AI Studio Brings 'Vibe Coding': App Creation for Everyone

Google has updated AI Studio with “Vibe Coding,” a workflow that allows users to build and deploy AI applications using natural language prompts. This new system, powered by Gemini, simplifies the ...