The Hacker News

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.
XDA Developers on MSN

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...
Visual Studio Magazine

VS Code 1.106 (October Update) Adds Agent HQ, New Security Controls

The October 2025 update to Visual Studio Code (v1.106) introduces Agent HQ for managing AI agents, expands Model Context ...