Dark Reading

GlassWorm Malware Returns to Shatter Developer Ecosystems

The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims ...
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
Infosecurity Magazine

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Register on MSN

VS Code for Linux may be secretly hoarding trashed files

Versions installed via Snap don't delete files when users empty system trash Linux users who installed Microsoft's Visual ...