CSO Online

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
InfoWorld

VS Code now updates weekly

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor ...
Visual Studio Magazine

Visual Studio Code 1.112 Adds Integrated Browser Debugging, More Copilot CLI Control

Visual Studio Code 1.112, released March 18, expands Copilot agent autonomy, adds MCP server sandboxing on macOS and Linux, enables in-editor web app debugging, and broadens monorepo support for agent ...