SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request. The automatic execution of VS Code-integrated configuration files when ...
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
University of Vermont

Vermont Advanced Computing Center

VACC Open OnDemand offers an application that will launch a VS Code Tunnel on a compute node for remote development. For official VS Code documentation, see https ...
Forbes

The Rise Of The Forward Deployed Engineer: A New Career Path For The Native-AI Era

Every major technology wave creates its own defining role. The rise of cloud computing elevated the product manager. The data revolution made the data scientist indispensable. And in 2025, as ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
InfoWorld

PythoC: A new way to generate C code from Python

PythoC lets you use Python as a C code generator, but with more features and flexibility than Cython provides. Here’s a first look at the new C code generator for Python. Python and C share more than ...
InfoWorld

Writing code is so over

Soon AI agents will be writing better, cleaner code than any mere human can, just like compilers can write better assembly. There’s an old joke about the weather in San Francisco: If you don’t like it ...
Visual Studio Magazine

'VS Code for the Web -- Azure' Adds Faster Entry Points for Browser-Based Cloud Development

Microsoft expanded its browser-based development tooling with recent updates to VS Code for the Web -- Azure, introducing faster entry points for moving AI-generated code into an editable, ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
The Hacker News

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical ...