Glassworm returns once again with a third round of VS code attacks

The Visual Studio Marketplace and the Open VSX Registry users are targeted once again with infostealing malware.
Visual Studio Magazine

Copilot AI Gets Smarter, More Secure in Visual Studio Previews

Microsoft's Visual Studio 2022 dev team has been focusing on the AI-powered GitHub Copilot coding assistant as it ramps up the next major release, v17.11. After the recent Preview 1, which the company ...
Bleeping Computer

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to ...
Dark Reading

Plug-ins for Code Editors Pose Developer-Security Threat

Vulnerabilities discovered in two plug-ins for Microsoft's popular Visual Studio Code editor could allow an attacker to execute malware by tricking a developer into clicking a link, software security ...
Visual Studio Magazine

GitHub Copilot Security Study: 'Developers Should Remain Awake' in View of 40% Bad Code Rate

Researchers published a scholarly paper looking into security implications of GitHub Copilot, an advanced AI system now being used for code completion in Visual Studio Code and possibly headed for ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
Bleeping Computer

Malicious VSCode extensions with millions of installs discovered

A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme ...