This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office.

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

🚀 What's Coming Next: I'm building an AI Agent Feedback Loop System that enables intelligent collaboration between Claude Code and Gemini AI. This will create a continuous improvement cycle where ...

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

GlassWorm malware is expanding to open source platforms, targeting macOS users with infostealers.

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.

The classic VS Code is great and all, but these specialized forks are better for certain programming tasks ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.