The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Visual Studio Magazine

Visual Studio Code 1.117 Expands Copilot Controls for Business and Enterprise User

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Holistic AI

Shadow AI Discovery: Risk Scoring, Staging & One-Click Reconciliation

Unified AI governance: discover shadow AI, prioritize risk, and reconcile assets into an audit-ready inventory across all ...
The Hacker News

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Tropic Trooper used trojanized SumatraPDF and GitHub C2 in 2024 to deploy AdaptixC2, enabling covert VS Code tunnel access.

Anthropic’s Leaked Code Tests Copyright Challenges in A.I. Era

Artificial intelligence tools are making it faster than ever to reproduce creative work. Does copyright even matter anymore?
XDA Developers on MSN

These VS Code extensions let me ditch three separate apps for notes, tasks, and code

VS Code is no longer just an IDE.