The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
Analytics India Magazine

Just How Easy is it to Publish Malicious Extension on VSCode?

Israeli researchers demonstrated that publishing malicious VSCode extensions can be done in just 30 minutes. Over 1,280 malicious extensions exist on VSCode, accumulating 229 million installations.
GitHub

Javascript Debug Terminal not debugging

Does this issue occur when all extensions are disabled?: Yes/No Not possible to test - JavaScript debug terminal is not an option in bisect mode. VS Code Version ...
GitHub

Can't debug TypeScript/JavaScript VS Code extensions with Insiders

Open a TypeScript/JavaScript project that is configured to debug with the extensionHost. I'm using https://github.com/microsoft/vscode-cpptools. Bug: There's no ...
InfoWorld

Review: Visual Studio Code shines for Java

With the Extension Pack for Java, VS Code makes a highly capable Java IDE and formidable competitor to Eclipse, NetBeans, and IntelliJ IDEA. There was a time when your choices for Java IDEs were ...