The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

AI-based VS Code forks recommended unclaimed extensions, allowing malicious uploads in Open VSX and risking developer systems ...
Dark Reading

Self-Propagating GlassWorm Attacks VS Code Supply Chain

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...
Morningstar

Keeper Security Empowers Developers With Secure Secrets Management in Visual Studio Code

CHICAGO, Nov. 13, 2025 /PRNewswire/ -- Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords and passkeys, infrastructure secrets, remote ...

New GlassWorm Malware Wave Targets Macs Through Fake Crypto Wallet Tools

A new wave of the GlassWorm malware is now targeting macOS developers by hiding malicious code inside fake Visual Studio Code ...
Bleeping Computer

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated ...
Visual Studio Magazine

VS Code 1.106 (October Update) Adds Agent HQ, New Security Controls

The latest monthly update to Visual Studio Code, version 1.106, continues the product's focus on AI-assisted workflows with new agent management capabilities, enhanced security and trust options, and ...
SD Times

Keeper Security Empowers Developers With Secure Secrets Management in Visual Studio Code

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...