New GlassWorm Malware Wave Targets Macs Through Fake Crypto Wallet Tools

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
It’s Nice That

Studio Lotta Nieminen’s sophisticated brand identity for Erly leans on exquisite colour combinations and a confident logo

To draw up a mark for the skincare brands personalised products, the studio stuck to soft and simple visual cues around “mixing and tailoring”. Working alongside designer Emma Tahvanainen and a ...
Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

The threat actor skill floor may soon lower as vibe coded ransomware has seemingly been published as an extension for Microsoft's AI code editor Visual Studio Code (VS Code). John Tuckner, founder of ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
CSOonline

Threat actors are spreading malicious extensions via VS marketplaces

Careless developers publishing Visual Studio extensions to two open marketplaces have been including access tokens and other secrets that can be exploited by threat actors, a security vendor has found ...
TechSpot

Microsoft turns to Anthropic's AI for Visual Studio Code, raising eyebrows about OpenAI ties

Editor's take: Microsoft has long been the financial lifeline of OpenAI, but its growing reliance on Anthropic's models suggests that loyalty may be giving way to performance. By favoring Anthropic in ...
Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ...
GitHub

Mermaid Chart extension for Visual Studio Code

The official Mermaid extension for Visual Studio Code enables developers to seamlessly create, edit, preview and integrate mermaid diagrams from within the VS Code. To use the AI diagramming feature, ...
Redmond Magazine

GitHub Copilot Extension for Visual Studio

Microsoft has released a new GitHub Copilot extension in public preview designed to help enterprise .NET developers modernize and migrate legacy applications to Azure. Integrated with Visual Studio ...
The Hacker News

New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses in how they handle the extension ...