Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...
GitHub

Visual Studio Code PDF Viewer

This extension runs the latest pdf.js underneath. A demo of their editor (hence ours) can be found here. Most extensions currently in the marketplace have problems too deep to fix. These problems ...
Visual Studio Magazine

Hands On with Copilot Vision: VS Code's Head Start and How the IDE Is Catching Up

AI space! GitHub Copilot's vision and image-based features arrived first in VS Code in February 2025 and have since become ...
InfoWorld

Why ‘boring’ VS Code keeps winning

Meanwhile, the model layer keeps whiplashing. First, everyone used ChatGPT. Then Gemini was catching up. Now, it seems Claude ...
GitHub

CodeSonar Extension for Visual Studio Code

This extension from CodeSecure provides access to static code analysis results from a CodeSonar hub inside Visual Studio Code. You will also need access to a CodeSonar hub running CodeSonar 7.1p0 or ...