An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google only removed it this week.

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

A sophisticated malware operation targeting software developers has expanded its reach by exploiting trusted extension ecosystems, with security researchers uncovering dozens of malicious packages ...

Microsoft releases Windows Terminal 1.24 and Preview 1.25 with new settings tools, improved keybindings, faster I/O performance, and more.

The new release allows using experimental agent plug-ins and the new Agent Debug Panel offers detailed insights into chat ...

The Open VSX registry, used for installing extensions in editors compatible with Visual Studio Code (VS Code), will run on Amazon Web Services (AWS) infrastructure in Europe as part of a "strategic ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

The Copilot Studio extension for Visual Studio Code is now generally available, allowing agents to be developed and managed directly from the editor. The extension enables software-style workflows for ...