Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Arabian Post on MSN

Microsoft flags malicious Next.js developer traps

Microsoft has warned that threat actors are exploiting seemingly legitimate Next. js repositories to compromise software developers, embedding staged backdoors inside projects that mimic technical ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.
Visual Studio Magazine

In Agentic AI, It's All About the Markdown

Markdown is emerging in VS Code and Visual Studio 2026 as a version-controlled instruction layer that governs AI agents, reusable prompts and modular skills alongside traditional documentation.

Pixel Agents Creates a Pixel Office View for Your AI Coding Agents

Pixel Agents adds a pixel office view in VS Code; six character styles show coding, searching, or idle states, useful for ...
Visual Studio Magazine

Claude Code Edges OpenAI's Codex in VS Code's Agentic AI Marketplace Leaderboard

Claude Code has pulled ahead of OpenAI's Codex in VS Code Marketplace adoption metrics for tools tagged with 'agent,' just one way to judge these tools for your particular needs in this rapidly ...

Claude Code Worktrees : Work on Multiple Branches Simultaneously

Claude Code adds native worktree support for parallel branches; needs Git init and one commit, clearer task isolation results.