The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.
The Hacker News

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Microsoft updates VS Code to 1.118 and adds remote control for Copilot CLI

Beyond remote AI management, Microsoft is tackling the high cost of coding bots with new token efficiency tech. See what ...

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious ...
Visual Studio Magazine

Visual Studio Code 1.117 Expands Copilot Controls for Business and Enterprise User

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.
XDA Developers on MSN

I stopped switching to a terminal to run scripts once I found VS Code's task runner

The hidden VS Code tool has replaced the terminal for me.
How-To Geek on MSN

10 VS Code extensions I can't live without

Try these extensions and you'll wonder how you ever lived without them!