A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.

Microsoft outlined steps for developers to migrate existing C++ projects to Visual Studio 2026 with updated toolsets, standards, and SDKs.

Microsoft expanded model choice in VS Code with Bring Your Own Key (BYOK), enabling developers to connect models from any provider and manage them through a new extensible API.

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...

On the opening day of GitHub Universe 2025, GitHub announced Agent HQ, its vision for the future of the platform.

At its Waves 2025 annual conference, low-code automation vendor Make set out an AI agent strategy that emphasizes visibility ...

A malicious extension was published on Microsoft ’s official VS Code marketplace, and was able to remain there for some time ...

The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted ...

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.

ADI’s CodeFusion Studio 2.0 adds end-to-end AI workflow support, unified configuration tools, and a Zephyr-based modular ...

Sony-backed Jabali.ai is making a play to open up game development to the masses with the launch of Jabali Studio.