Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.

RJ Barrett scores 21 points in the Raptors' 107-100 victory over the Jazz

TORONTO (AP) — RJ Barrett scored 21 points, Sandro Mamukelashvili added 20 and the Toronto Raptors beat the Utah Jazz 107-100 on Sunday night to open a five-game homestand. Brandon Ingram added 19 ...
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
Visual Studio Magazine

Linear Regression with Pseudo-Inverse Training Using JavaScript

Dr. James McCaffrey presents a complete end-to-end demonstration of linear regression with pseudo-inverse training implemented using JavaScript. Compared to other training techniques, such as ...