Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...

The October 2025 update to Visual Studio Code (v1.106) introduces Agent HQ for managing AI agents, expands Model Context ...

Agent HQ provides a single location for managing both local and remote coding agents and introduces a plan agent that breaks ...

At its core, VS Code is built on an open source project called Code OSS, published under the permissive MIT license. Microsoft maintains this repository publicly on GitHub, where anyone can clone, ...

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...

The leak has now been fixed. According to the Open VSX team, the incident has been fully contained and closed since October ...

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.