The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Analytics Insight

JavaScript vs TypeScript in 2026: What to Choose and Why?

Overview: TypeScript is widely used in large projects because its typing works better with AI coding assistants and reduces bugs.JavaScript remains best for sma ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
Visual Studio Magazine

What a Difference a VS Code Fork Makes: Antigravity, Cursor and Windsurf Compared

VS Code forks like Cursor, Windsurf, and Google Antigravity may share a common foundation, but hands-on testing shows they ...
SecurityWeek

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace Trust model as the primary safeguard against repo-based malware -- while ...
InfoWorld

Visual Studio Code adds support for agent skills

An experimental feature in VS Code 1.108, Agent Skills are folders of instructions, scripts, and resources that GitHub Copilot can load for specialized tasks. Visual Studio Code 1.108, the latest ...
Analytics Insight

Fake Recruiters Linked to North Korea Hit 3,100 IPs in Global Cyber Campaign

North Korean-linked hackers have targeted more than 3,100 IP addresses tied to AI, crypto, and finance firms through fake job interviews. The campaign used frau ...
River Journal Online

Which One Wins for Developers: Gemini or ChatGPT

By Karyna Naminas, CEO of Label Your Data Choosing the right AI assistant can save you hours of debugging, documentation, and boilerplate coding. But when it comes to Gemini vs […] ...

Microsoft Virtual Studio Code is being targeted by North Korean hackers

The contagious interview campaign continues.

Yottaa Launches Industry-First MCP Server Purpose-Built for eCommerce Performance Intelligence

First Capability Enables Real-Time Web Performance Insights via AI ClientsWALTHAM, Mass.--(BUSINESS WIRE)--Yottaa, the ...