Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

North Korean hackers target Microsoft Virtual Studio Code

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

I tried vibe coding an app as a beginner - here's what Cursor and Replit taught me

I tried four vibe-coding tools, including Cursor and Replit, with no coding background. Here's what worked (and what didn't).

OpenAI Codex Made Simple, from Installation to MCP Tools & VSCode Tips

Get started with OpenAI Codex AI coding assistant. Learn how Codex connects to MCP servers like Figma and Jira, pulling docs ...
Visual Studio Magazine

Hands On with Copilot Vision: VS Code's Head Start and How the IDE Is Catching Up

AI space! GitHub Copilot's vision and image-based features arrived first in VS Code in February 2025 and have since become ...
Visual Studio Magazine

Hands On with New Experimental GitHub Copilot 'Agent Skills' in VS Code

Visual Studio Code 1.108 introduces Agent Skills for GitHub Copilot, enabling developers to define reusable, domain-specific ...
Bleeping Computer

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. The malicious activity was ...
The Hacker News

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Cybersecurity researchers have disclosed a new set of three extensions associated with the GlassWorm campaign, indicating continued attempts on part of threat actors to target the Visual Studio Code ...