A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.
VS Code’s secret weapons ...
Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...
VS Code 1.110 stable released March 4, 2026. Agent plugins arrive as prepackaged chat customization bundles (preview). Experimental browser tools let agents read and interact with the integrated ...