Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
How-To Geek on MSN

I thought I knew VS Code, but these 5 features proved me wrong

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, ...
Visual Studio Magazine

Hands On with VS Code 1.111 Autopilot (Preview) for AI Prompts

VS Code 1.111 Autopilot is not just a no-prompts mode. In testing, it handled a blocking question that still stopped Bypass.
XDA Developers on MSN

Why I still use VS Code over every AI-powered code editor that launched this year

Despite AI-heavy code editors mushrooming out of nowhere, I'm satisfied with my VS Code setup ...
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...
GitHub

NebulaFlow Workflow Editor (VS Code Extension)

The LLM node runs via the Amp SDK and OpenRouter SDK. The editor acts as a visual wrapper around the SDK: it builds prompts from upstream node outputs and executes them with the SDK. Per-node model ...
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...