VS Code is one of the most popular open-source (mostly) applications out there, and for good reason: It does everything you ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...

The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...

VS Code has become the top choice for web developers. It’s been around only 8 years but has grown a lot. This is thanks to its huge library of extensions and how it boosts productivity. VS Code’s ...

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

Enterprise giant Salesforce is looking to ride the vibe-coding wave — where developers describe what they want in natural language and AI agents write the code — with its new AI-powered developer tool ...

Thank you very much for providing and maintaining this extremely helpful remote extension. I wanted to bring attention to a recent security issue that affected the official Visual Studio Code Remote - ...