The Register on MSN

Fake 'interview' repos lure Next.js devs into running secret-stealing malware

Come for the coding test, stay for the C2 traffic Next.js developers are once again in the crosshairs as hackers seed ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple agent sessions in parallel. Microsoft has released Visual Studio Code 1.109, ...
The Verge

GitHub adds Claude and Codex AI coding agents

Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. is a senior editor and author of Notepad, ...