Latest VS Code update introduces prepackaged bundles of chat customizations that can include skills, commands, agents, MCP servers, and hooks.

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...

Visual Studio Code 1.110 (February 2026) adds new agent extensibility, browser-driving chat tools, and expanded chat accessibility.

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...

Sophie Koonin discusses the realities of large-scale technical migrations, using Monzo’s shift to TypeScript as a roadmap. She explains how to handle "bends in the road," from documentation and ...

OX SecurityはVS Code用の拡張機能4件に重大な脆弱性を確認した。Live Serverなどに遠隔ファイル流出やRCEの恐れがあり、Cursorなどにも影響する。開発環境の防御は急務であり、審査制度の整備を提言している。

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

OpenAI today released the Codex app for Windows, powered by OpenAI’s frontier coding models, and it’s now the only coding agent with a first-class Windows experience.

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...