The April update suppresses Copilot completions while IntelliSense is active, addressing a long-running editor conflict.
VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.
Tropic Trooper used trojanized SumatraPDF and GitHub C2 in 2024 to deploy AdaptixC2, enabling covert VS Code tunnel access.
VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.
Cryptopolitan on MSN
Hacker target the OpenVSX ecosystem to steal crypto wallets
GlassWorm, a known malware, has put 73 harmful extensions into OpenVSX's registry. Hackers use it to steal developers' crypto ...
IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...
XDA Developers on MSN
Every AI code editor wants to replace VS Code, but the smartest ones are just extending it
Embrace VS Code instead of fighting it ...
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...
Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results