The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
Visual Studio Magazine

VS Code Expands AI Flexibility with Bring Your Own Key

Microsoft announced expanded AI model support in Visual Studio Code through a new Bring Your Own Key (BYOK) capability that lets developers connect models from different providers by entering their ...
Technobezz on MSN

Microsoft's VS Code snap package fails to delete files on Linux

A bug in VS Code's Snap package leaves deleted files on Linux disks, exposing sensitive data due to a flawed local trash system..