Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Consolidation is never a good thing.

This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...

It says it is, but the reality is a little blurry.

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.

The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

VS Code Extensions have transformed the code editor into a productivity powerhouse. GitHub Copilot enables AI-powered autocomplete, multi-line code generation, and context-aware suggestions, helping ...

Anthropic's Claude Code for VS Code has surpassed OpenAI's Codex extension in Visual Studio Code Marketplace installs and review volume despite launching later. OpenAI positions Codex as an IDE ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack targeting macOS users, where malicious versions of popular developer extensions ...