VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.
GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Microsoft has released VS Code 1.122 with BYOK support without sign-in, mobile device emulation, and a new issue reporting ...
A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...
We are looking for an experienced SAP Commerce Developer (Java) to join a high-performing digital and e-commerce technology team. The successful candidate will play a key role in the design, ...
Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its ...
Top GitHub database repositories for SQL tools, data engineering, analytics databases, and open source systems used in modern ...
Morning Overview on MSN
GitHub just confirmed hackers broke into its own code through a poisoned coding tool — slipping in on a developer’s laptop without anyone noticing for days
Sometime in early 2025, an attacker slipped malicious code into a Visual Studio Code extension, and a GitHub employee installed it. For several days, that extension ran quietly on the developer’s ...
XDA Developers on MSN
A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain
Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Microsoft released Visual Studio Code 1.123 on June 3, adding agent-focused features, larger model context support, integrated browser updates and a new delay for some automatic extension updates.
A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results