Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Cryptopolitan on MSN

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...
Windows Report

Visual Studio 2026 Launches With Updated UI and GitHub Copilot Upgrades

Visual Studio 2026 brings faster performance, new C# and C++ Copilot agents, and seamless compatibility with existing ...
Visual Studio Magazine

VS Code 1.106 (October Update) Adds Agent HQ, New Security Controls

The October 2025 update to Visual Studio Code (v1.106) introduces Agent HQ for managing AI agents, expands Model Context ...
InfoQ

Redis Critical Remote Code Execution Vulnerability Discovered after 13 Years

This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time gathering downloads and infecting people’s computers.