AI-first editors and agent-driven tooling intensify competition in the IDE market The Open VSX registry, used for installing extensions in editors compatible with Visual Studio Code (VS Code), will ...

Five malicious Rust crates and an AI bot exploited CI/CD pipelines and GitHub Actions in Feb 2026, stealing developer secrets ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

You can now run LLMs for software development on consumer-grade PCs. But we’re still a ways off from having Claude at home.

I'm taking the road less traveled.

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks. In a report published on ...

JavaOne Oracle has shipped Java 26, a short-term release, and introduced Project Detroit, which promises faster interop between Java, JavaScript, and Python. Java 26 will be supported for just six ...

You also get to escape Microsoft telemetry tracking too.

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Ludi Akue discusses how the tech sector’s ...