Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

Security researchers are increasingly citing Visual Studio Code as part of supply chain attacks on developers. Researchers at Jamf recently identified ...

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

The contagious interview campaign continues.

The malicious activity is targeting organizations with software development teams that rely on VS Code and third-party ...

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...

I tried four vibe-coding tools, including Cursor and Replit, with no coding background. Here's what worked (and what didn't).

I'm not a programmer, but I tried four vibe coding tools to see if I could build anything at all on my own. Here's what I did and did not accomplish.