Microsoft’s open source tools were hacked to steal passwords of AI developers

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Tech Xplore

New WebAssembly memory layout could stop Heartbleed-style browser attacks with no visible slowdown

Google Earth, Zoom, Twitch.tv or Photoshop—thanks to the WebAssembly standard, many powerful applications now run directly in ...
Visual Studio Magazine

VS Code 1.123 Adds Agent Session Sync, 1M Context Windows

Microsoft released Visual Studio Code 1.123 on June 3, adding agent-focused features, larger model context support, integrated browser updates and a new delay for some automatic extension updates.
WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.