GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Visual Studio Magazine

Going Local (& a Bit Loco) with Open-Source AI in VS Code

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
XDA Developers on MSN

I thought vibe-coding was just for developers — Claude proved me wrong

It’s not just a dev thing ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...
CNET

Anthropic's New Claude Cowork Is an AI Agent for Your Computer's Files

Cowork can also use the data in that folder to create new projects -- but it's still in early access, so be cautious. Imad was a senior reporter covering Google and internet culture. Hailing from ...
Visual Studio Magazine

Hands On with New Experimental GitHub Copilot 'Agent Skills' in VS Code

Visual Studio Code 1.108 adds experimental Agent Skills, allowing GitHub Copilot to load custom instructions, scripts, and resources for specialized tasks. Agent Skills are defined in a simple folder ...