VS Code 1.127 enhances agent session management, introduces per-site browser permissions, and makes browser tools for agents ...
Wix-owned vibe-coding platform Base44 has started rolling out its own AI model — with hopes that it will eventually ...
With Microsoft's new Dev Configs, a Windows installation becomes a ready-to-use developer workstation with a single command – including WSL and Ubuntu.
Microsoft’s new Surface RTX Spark Dev Box packs Nvidia Blackwell AI power and 128GB of unified memory to run large AI models locally, helping developers cut cloud costs and rethink enterprise AI ...
The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious ...
Bitdefender researchers have discovered a malicious Windsurf IDE (integrated development environment) extension that deploys a multi-stage NodeJS stealer by using the Solana blockchain as the payload ...
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
The Container Tools extension makes it easy to build, manage, and deploy containerized applications from Visual Studio Code. It also provides one-click debugging of Node.js, Python, and .NET inside a ...
Attackers are targeting developers with malicious Next.js repositories to perform remote code execution (RCE) and establish a persistent command-and-control (C2) channel on infected machines in a ...
Attackers used “technical assessment” projects with repeatable naming conventions to blend in cloning and build workflows, retrieving loader scripts from remote infrastructure, and minimizing on-disk ...
Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results