InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
Windows Report

Visual Studio 2026 Launches With Updated UI and GitHub Copilot Upgrades

Visual Studio 2026 brings faster performance, new C# and C++ Copilot agents, and seamless compatibility with existing ...
Visual Studio Magazine

VS Code 1.106 (October Update) Adds Agent HQ, New Security Controls

The October 2025 update to Visual Studio Code (v1.106) introduces Agent HQ for managing AI agents, expands Model Context ...
Windows Report

Microsoft Details Roadmap for Visual Studio, Featuring New Agents and GPT-5 Codex

Microsoft’s November Visual Studio roadmap highlights new AI agents, GPT-5 Codex integration, and improved MCP governance.
Visual Studio Magazine

Hands On with New Visual Studio Copilot 'Planning' Feature (Preview)

Microsoft has introduced a new AI-powered capability called Planning in Visual Studio, now available in public preview as part of Visual Studio 2022 version 17.14. The feature extends GitHub Copilot's ...
Bleeping Computer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...