How-To Geek on MSN

This IDE actually made me a better programmer

One IDE to rule them all. You won't want to use anything else.
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.
Visual Studio Magazine

VS Code 1.110 Ships with Agent Plugins, Browser Tools and Session Memory

Visual Studio Code 1.110 (February 2026) adds new agent extensibility, browser-driving chat tools, and expanded chat accessibility.
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.
CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Hosted on MSN

GlassWorm malware hits macOS via compromised VS Code extensions

Threat actors compromised the Open VSX Registry on January 30, 2026, pushing malicious updates to four trusted VS Code extensions with over 22,000 combined downloads. The attack targeted macOS ...
winbuzzer.com

Malicious VS Code Extensions Steal Code from 1.5M Developers

Security researchers revealed two malicious VS Code extensions exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million developers to servers in China while masquerading as AI ...
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A hacker published malicious versions of four established VS Code extensions to distribute a GlassWorm malware loader. The GlassWorm malware has appeared on the Open VSX marketplace again, after a ...
Fox News

Malicious Mac extensions steal crypto wallets and passwords

Mac users often assume they're safer than everyone else, especially when they stick to official app stores and trusted tools. That sense of security is exactly what attackers like to exploit. Security ...
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are ...
techworm.net

New GlassWorm Malware Wave Targets Macs Through Fake Crypto Wallet Tools

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code extensions designed to steal cryptocurrency, credentials, and sensitive ...