SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
How-To Geek on MSN

Visual Studio Code has new experimental themes and more AI coding features

The January 2026 update has arrived.
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files

Many have run out of disk space entirely ...
Visual Studio Magazine

Threats from the Shadows: Securing the CI/CD Pipeline Against Modern Attacks

A deep dive into how attackers exploit overlooked weaknesses in CI/CD pipelines and software supply chains, and how .NET and DevOps teams can use automation and modern practices to detect and mitigate ...

GitHub adds Claude and Codex AI coding agents

Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances.

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...