GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

You also get to escape Microsoft telemetry tracking too.

One IDE to rule them all. You won't want to use anything else.

A new study published Feb. 11 in the American Chemical Society journal Environment & Health has found that synthetic and human hair extensions, popular among Black communities, contain more chemicals ...

A new VS Code extension called Nogic visualizes codebases as interactive graphs and drew strong interest on Hacker News. Commenters praised the concept for understanding large or unfamiliar codebases, ...

Good browsers work well with their standard features alone. They can protect you when browsing online, autofill your login information, and manage your favorite websites with ease. Some go beyond and ...

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...

Malicious browser extensions are a widespread problem. Even vetted extensions can be dangerous. Here's what you should do to avoid issues. Koi Security investigated a single malicious extension used ...

With "vibe coding" taking over software development with AI-driven programming and other advanced functionality, you would think the Visual Studio Code Marketplace would be flooded with new extensions ...

Chrome warnings are again in the news this week, with Google confirming active attacks and issuing an emergency update for 3 billion users. The company also confirmed it had mitigated this threat by ...