Latest VS Code update introduces prepackaged bundles of chat customizations that can include skills, commands, agents, MCP ...

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft ...

Visual Studio Code 1.110 (February 2026) adds new agent extensibility, browser-driving chat tools, and expanded chat accessibility.

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

OX SecurityはVS Code用の拡張機能4件に重大な脆弱性を確認した。Live Serverなどに遠隔ファイル流出やRCEの恐れがあり、Cursorなどにも影響する。開発環境の防御は急務であり、審査制度の整備を提言している。

Microsoft has warned that threat actors are exploiting seemingly legitimate Next. js repositories to compromise software developers, embedding staged backdoors inside projects that mimic technical ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...

Microsoftは2月24日（現地時間）、Visual Studio 2026 Stable ...