The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise.

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor.

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

Everything you may have missed from the past week.

Within the Heated Rivalry fan community, the 40-second video montage has entered urban-legend territory. Originally posted on X by a user with the handle sosaneitsinsane, the fan edit is a compilation ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

All authors are with the Department of Mechanical Engineering at Louisiana State University, Baton Rouge, Louisiana, United States of America. For brevity, we have divided this README into the ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.

Asynchronous programming with async and await has existed in .NET for years. Now Microsoft is delivering a new runtime environment for asynchronous execution.

AI Toolkit for VS Code v0.30.0 adds a new Tool Catalog for discovering, configuring, and managing agent tools, including local stdio MCP servers and tools from the public Foundry catalog. A new Agent ...

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...