Try these extensions and you'll wonder how you ever lived without them!

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

VS Code is no longer just an IDE.

The Eclipse Foundation today announced Open VSX Managed Registry , the open source software ecosystem’s first foundation-operated managed service for critical developer infrastructure. Open VSX is the ...

Microsoft has released Visual Studio Code version 1.116, introducing a set of AI-focused improvements that refine developer ...

Across the April 8 and April 15, 2026 releases, Visual Studio Code expanded its agent-focused tooling with a new companion app, better terminal interaction, session debugging and more built-in Copilot ...

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

For the enterprise, the Desktop GUI is likely to become the standard for management and review, while the CLI remains the ...

First large scale automated trust assessment finds widespread risk across browser extensions, including AI agents. Only ...