Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, ...

VS Code forks like Cursor, Windsurf, and Google Antigravity may share a common foundation, but hands-on testing shows they ...

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

A：MaliciousCorgi是指两个恶意 VS Code 扩展的攻击活动，这些扩展伪装成AI编程助手，实际上会窃取开发者的源代码和文件内容，发送到中国服务器。两个扩展总安装量达150万次。

与朝鲜有关的网络间谍组织正在将全球开发者广泛使用的工具——Visual Studio ...

The malicious activity is targeting organizations with software development teams that rely on VS Code and third-party ...

AI编程助手的流行正吸引新型网络攻击者。2026年1月27日，Aikido Security安全研究员Charlie Eriksen发现一款伪装成热门工具"ClawdBot"的恶意Visual Studio Code扩展。这款名为"ClawdBot ...