Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
Visual Studio Magazine

VS Code Keeps Eye on Costs in v1.126 Update

Visual Studio Code 1.126 adds session-level Copilot cost information, continuing Microsoft's recent focus on helping developers monitor and manage usage-based GitHub Copilot billing.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...