The web version of the VS Code editor on GitHub.dev had a security vulnerability that allowed attackers to take over all of a ...

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...

To reach protected secrets, the macOS and Linux versions show a fake password dialog, then reuse the captured password to ...

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

Eight innovative tools that are reimagining web applications and how we build them. Welcome to the Great Unbloating.

GitHub disabled 73 Microsoft repositories on June 5 after a malicious commit landed in an Azure project, in what researchers described as a supply chain attack aimed at developer workstations and AI ...

Microsoft has confirmed that it temporarily removed several GitHub repositories after a large-scale malware campaign ...

VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

The agent is doing the actual work, and VS Code is just a window.

Microsoft released Visual Studio Code 1.123 on June 3, adding agent-focused features, larger model context support, integrated browser updates and a new delay for some automatic extension updates.