Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
GitHub

Language Server for Kotlin

The project is in an experimental, pre-alpha, exploratory phase with the intention to be productionized. We move fast, break things, and explore various aspects of the seamless developer experience ...
GitHub

Towards Visual Grounding: A Survey

If you find any work missing or have any suggestions (papers, implementations, and other resources), feel free to pull requests. We will add the missing papers to this repo as soon as possible. You ...
Visual Studio Magazine

Hands On: Testing Cursor, Windsurf and VS Code on Text-to-Website Generation

A hands-on comparison shows how Cursor, Windsurf, and Visual Studio Code approach text-to-website generation differently once ...
Visual Studio Magazine

Copilot Studio Extension for VS Code Goes GA

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, ...
InfoWorld

JetBrains IDEs integrate OpenAI Codex

OpenAI’s most advanced agentic coding model is natively integrated into JetBrains AI chat in the 2025.3 version of IntelliJ, ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.