Cryptopolitan

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...
XDA Developers on MSN

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...
CSO Online

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace ...
InfoWorld

Malicious npm packages contain Vidar infostealer

Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Visual Studio Magazine

Microsoft Details How 'Agents Took Over VS Code in 2025'

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...