The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
Techzine Europe

Invisible malware spread via VS Code extensions

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Visual Studio Magazine

Microsoft Details How 'Agents Took Over VS Code in 2025'

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...
Windows Report

Microsoft Details Roadmap for Visual Studio, Featuring New Agents and GPT-5 Codex

Microsoft’s November Visual Studio roadmap highlights new AI agents, GPT-5 Codex integration, and improved MCP governance.
CSO Online

How crooks use IT to enable cargo theft

In the old days, crooks followed transport trucks and hijacked them. Today they use phishing, vishing and identity theft to find and divert valuable cargo via logistics systems. It’s a challenge for ...