The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
Hosted on MSN

My Favorite Visual Studio Code Extension Isn’t for Coding

Visual Studio Code has thousands of extensions that productivity-boosting features, support for more languages, and integrations with other development tools. My favorite extension doesn’t do any of ...
GIGAZINE

Microsoft allows its own special APIs to be used in Visual Studio Code extensions

Microsoft's text editor 'Visual Studio Code' has an extension marketplace, where users can easily install various extensions. A Reddit post pointed out that only Microsoft extensions can use special ...
Visual Studio Magazine

Devs Diss Visual Studio's AI

In a social media feedback thread started by Microsoft Visual Studio guru Mads Kristensen, multiple developers unloaded on the IDE's facility with AI provided by GitHub Copilot and other tools.
heise online

Visual Studio Code 1.97 brings Copilot Edits and movable palette

The command palette can now be moved and new AI functions are available. Publishers can be defined as trustworthy for extensions. Microsoft has released Visual Studio Code 1.97. The first release of ...