Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...
Visual Studio Magazine

VS Code 1.106 (October Update) Adds Agent HQ, New Security Controls

The October 2025 update to Visual Studio Code (v1.106) introduces Agent HQ for managing AI agents, expands Model Context ...
InfoWorld

How GlassWorm wormed its way back into developers’ code — and what it says about open source security

Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode ...
MP1st

Kingdom Come Deliverance 2 Mysteria Ecclesiae DLC Released Alongside Update 1.050/1.5

Kingdom Come Deliverance 2 update 1.050/1.5 is out on November 11, alongside DLC 3 "Mysteria Ecclesiae" on all platforms.

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time ...