The GitHub Copilot SDK turns the Copilot CLI into a cross-platform agent host with Model Context Protocol support.

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.

This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office.

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...

Those project files you deleted might not actually be deleted.

The January 2026 update has arrived.

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

The January 2026 release of Visual Studio Code expands AI-assisted development with structured planning agents, parallel ...