SecurityWeek

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware

Visual Studio developers are targeted with a self-propagating worm in a sophisticated supply chain attack through the OpenVSX ...

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with ...
The Hacker News

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that ...
Techzine Europe

Invisible malware spreads via VS Code extensions

A new cyber threat is affecting developers worldwide who work with Visual Studio Code. Researchers at Koi Security have ...
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...
Visual Studio Magazine

New Agents Panel Brings Copilot Coding Tasks to Visual Studio and VS Code

GitHub has expanded its Copilot coding agent with a new agents panel, giving Visual Studio and VS Code users a centralized way to launch and track AI-driven coding tasks directly alongside their ...
Visual Studio Magazine

Bevy of AI Chat Improvements in New VS Code Release

Microsoft’s Visual Studio Code September 2025 release (v1.105.0) introduces major AI-driven enhancements across chat, agents, ...
InfoWorld

Visual Studio Code taps AI for merge conflict resolution

VS Code 1.105 also introduces a built-in MCP server marketplace and allows users to resume recent Copilot Chat sessions.

Hidden "Glassworm" malware spreads through infected VS Code extensions

A new malware worm campaign has infected multiple Microsoft Visual Studio Code extensions using invisible Unicode characters ...