Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Visual Studio Magazine

Top 5 AI Tools for Visual Studio 2026

Visual Studio 2026 includes GitHub Copilot functionality built into the IDE, while third-party AI coding assistants remain available through the Visual Studio Marketplace. Using Marketplace install ...
Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...
How-To Geek on MSN

Visual Studio Code has new experimental themes and more AI coding features

The January 2026 update has arrived.
InfoWorld

Google adds automated code reviews to Conductor AI

The Conductor extension now can generate post-implementation code quality and compliance reports based on developer specifications.