Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor.
North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.
The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results