GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...
GitHub

Container Tools for Visual Studio Code

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...
Visual Studio Magazine

Claude Code Edges OpenAI's Codex in VS Code's Agentic AI Marketplace Leaderboard

Anthropic's Claude Code for VS Code has surpassed OpenAI's Codex extension in Visual Studio Code Marketplace installs and review volume despite launching later. OpenAI positions Codex as an IDE ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions. Microsoft has introduced C++ ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...