VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...
Cryptopolitan on MSN
Hacker target the OpenVSX ecosystem to steal crypto wallets
GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
Visual Studio 2026 has further integrated GitHub Copilot's cloud agent to its Copilot Chat picker -- catching up to VS Code -- and the async workflow it enables, where a task runs on GitHub Actions ...
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.
Earn these JavaScript certs to demonstrate mastery of the most in-demand skills for the world’s most-used programming ...
How-To Geek on MSN
10 VS Code extensions I can't live without
Try these extensions and you'll wonder how you ever lived without them!
Some results have been hidden because they may be inaccessible to you
Show inaccessible results