Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Stop using standard VS Code ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

Mac users often assume they're safer than everyone else, especially when they stick to official app stores and trusted tools. That sense of security is exactly what attackers like to exploit. Security ...

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code extensions designed to steal cryptocurrency, credentials, and sensitive ...

In this post, we will show you how to create real-time interactive flowcharts for your code using VS Code CodeVisualizer. CodeVisualizer is a free, open-source Visual Studio Code extension that ...

Kilo Code makes a "vibe coding" extension for programming applications such as Microsoft's Visual Studio Code. The company was launched early this year by a group including Sid Sijbrandij, previously ...

Microsoft is previewing a new AI-assisted tool for Visual Studio Code Insiders called the JavaScript/TypeScript Modernizer. It's designed to help developers modernize older JavaScript or TypeScript ...

You start by getting the official installer from the Visual Studio Code website. Open your preferred browser on Windows. Go to the Visual Studio Code download page ...

In December 2025, the GlassWorm supply chain malware campaign emerged again, affecting both the Microsoft Visual Studio Marketplace and Open VSX platforms. This episode involved 24 extensions posing ...

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...