GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

IBM announced it is offering the IBM Db2 Developer Extension for Visual Studio (VS) Code—now generally available. Developers live in VS Code, but Db2 development often means switching tools to set up ...

Latest weekly update supports previewing videos in the image carousel, adds a Copy Final Response command to the chat context ...

Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace checks and silently installing malware onto developers’ systems. Threat ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...