The Hacker News

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...

GitHub investigating cyberattack linked to malicious VS Code extension and leaked internal repositories

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of internal repositories and attempted to sell the data online.
ZDNet

Microsoft: We want you to learn Python programming language for free

Roku TV vs Fire Stick Galaxy Buds 3 Pro vs Apple AirPods Pro 3 M5 MacBook Pro vs M4 MacBook Air Linux Mint vs Zorin OS 4 quick steps to make your Android phone run like new again How much RAM does ...
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
Windows Report

How to Run Code in Visual Studio (Step-by-Step Guide)

For fixing Windows errors, we recommend Fortect: Fortect will identify and deploy the correct fix for your Windows errors. Follow the 3 easy steps to get rid of Windows errors: Follow these steps to ...
Neowin

Microsoft launches Visual Studio 2026 and .NET 10 with big performance improvements

Microsoft has announced the general availability of Visual Studio 2026 and .NET 10. This major VS 2026 update features a new UI, significant performance boosts and more. After testing the Visual ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
CSOonline

Threat actors are spreading malicious extensions via VS marketplaces

Careless developers publishing Visual Studio extensions to two open marketplaces have been including access tokens and other secrets that can be exploited by threat actors, a security vendor has found ...