GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

A self-propagating worm is targeting Visual Studio Code (VS Code) extensions in a complex supply chain attack that has infected 35,800 developer machines so far with techniques the likes of which ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

Microsoft updated its free MSSQL extension for Visual Studio Code with new Fabric connectivity and provisioning features in public preview, alongside GitHub Copilot slash commands and multiple ...

A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.

Microsoft OneNote has been one of the most popular note-taking apps for many years now, but it’s been missing one important quality-of-life feature—a feature that, according to Microsoft, was “highly ...

OneNote users, take note: Microsoft’s AI assistant can speed up your workflow and perform tasks you never expected in a note-taking app. Here are nine things to try with Copilot in OneNote. Microsoft ...

Extensions installed on almost 1 million devices have been overriding key security protections to turn browsers into engines that scrape websites on behalf of a paid service, a researcher said. The ...

Microsoft has released the source code for the GitHub Copilot Chat extension for VS Code under the MIT license. This provides the community access to the full implementation of the chat-based coding ...