Microsoft just made it possible to use VS Code completely offline with local AI

Coding in restricted environments just got easier. VS Code 1.122 brings air-gapped AI support and powerful new tools to test ...
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...
XDA Developers on MSN

A poisoned VS Code extension led to a GitHub breach, and Microsoft owns every link in the chain

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.
Tech Times

Claude Code Plugins Get Official Directory: Anthropic Flags Unverified MCP Risks

Claude Code plugins now have an official Anthropic-managed directory at github.com/anthropics/claude-plugins-official, consolidating 30-plus internal and 15 vetted external Claude Code extensions behi ...
Tech Times

500 Poisoned Packages, Hundreds of Companies: TeamPCP’s Worm Just Reached GitHub

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

Hackers breach GitHub and access 3,800 internal repositories now listed for sale

GitHub has said it found about 3,800 internal repositories accessed in the breach and stressed that these contained its own code rather than customer projects. The ...