In the AI developer boom, some of the most important battlegrounds are not glamorous models or splashy chatbots. They are the quiet pipes that keep modern coding tools fed and up to date.

Pencil.dev focuses on design-to-code speed versus static tools; upcoming reusable component libraries are planned for 2026.

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

VS Code forks are diverging rapidly, not just in features, but in how they structure AI-assisted development workflows. Cursor emphasizes speed and visual polish, Windsurf leans toward dynamic ...

The Copilot Studio extension lets developers use any VS Code-compatible AI assistant to develop AI agents, then sync with Copilot Studio for testing and iteration. Microsoft is offering a Microsoft ...

Mac users often assume they're safer than everyone else, especially when they stick to official app stores and trusted tools. That sense of security is exactly what attackers like to exploit. Security ...

VS Code snippets and keybinding-based editor.action.insertSnippet commands can replicate the core behavior of unmaintained extensions such as htmltagwrap. Different approaches -- custom extensions, ...

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are ...

PCWorld reports that 18 malicious browser extensions linked to Chinese hacker group DarkSpectre are stealing sensitive Zoom meeting data from users. These dangerous extensions have been downloaded 2.2 ...

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code extensions designed to steal cryptocurrency, credentials, and sensitive ...