GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Visual Studio Magazine

Going Local (& a Bit Loco) with Open-Source AI in VS Code

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
How-To Geek on MSN

I thought I knew VS Code, but these 5 features proved me wrong

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.
Visual Studio Magazine

Hands On with VS Code 1.111 Autopilot (Preview) for AI Prompts

VS Code 1.111 Autopilot is not just a no-prompts mode. In testing, it handled a blocking question that still stopped Bypass.
GitHub

NebulaFlow Workflow Editor (VS Code Extension)

The LLM node runs via the Amp SDK and OpenRouter SDK. The editor acts as a visual wrapper around the SDK: it builds prompts from upstream node outputs and executes them with the SDK. Per-node model ...
GitHub

Container Tools for Visual Studio Code

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...