GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
Visual Studio Magazine

Going Local (& a Bit Loco) with Open-Source AI in VS Code

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...
PC Magazine

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Would-be vibe coders looking to experiment with Claude Code are being targeted by malicious install guide websites that pop up in Google search results and install malware when executed. Dubbed ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...
XDA Developers on MSN

I replaced VS Code with this open-source editor and it's faster, lighter, and runs all my extensions

You also get to escape Microsoft telemetry tracking too.