Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
Visual Studio Magazine

VS Code Is Latest Microsoft Dev Tooling Weaponized by Threat Actors

Cybersecurity threat actors keep leveraging Microsoft development tooling as attack vectors. The latest incident was reported this month by Cyble, with one of the key takeaways of its report being: ...
Bleeping Computer

Latest Visual Studio Code news

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Attackers are doubling down on malicious browser ...
CSOonline

Warning to developers: Stay away from these 10 VSCode extensions

Developers using Microsoft’s Visual Studio Code (VSCode) editor are being warned to delete, or at least stay away from, 10 newly published extensions which will trigger the installation of a ...