The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
InfoWorld

Buyer’s guide: Comparing the leading cloud data platforms

Databricks, Snowflake, Amazon Redshift, Google BigQuery, and Microsoft Fabric – to see how they address rapidly evolving ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
Business Wire

CodeRabbit’s “State of AI vs Human Code Generation” Report Finds That AI-Written Code Produces ~ 1.7x More Issues Than Human Code

SAN FRANCISCO--(BUSINESS WIRE)--CodeRabbit, the leading AI-powered code review platform, today released the “State of AI vs Human Code Generation”, a comprehensive new report analyzing the quality of ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
The New York Times

OpenAI Calls a ‘Code Red’ + Which Model Should I Use? + The Hard Fork Review of Slop

This transcript was created using speech recognition software. While it has been reviewed by human transcribers, it may contain errors. Please review the episode audio before quoting from this ...
Bleeping Computer

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace. Named susvsex and published by ...
Dark Reading

Leaks in Microsoft VS Code Marketplace Put Supply Chain at Risk

Organizations have accidentally exposed secrets across Microsoft Visual Studio Code (VS Code) marketplaces, posing significant risks not just to the organizations themselves but also to the greater ...
InfoQ

VS Code MSSQL Extension v1.35 Brings Schema Compare, Designer and Local Containers to GA

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Visual Studio Magazine

Elevate SQL Development with VS Code

As SQL development increasingly becomes part of full-stack workflows, developers are looking for ways to simplify their tooling without compromising capability. While SQL Server Management Studio ...