Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

In a new study, Vite is the most popular JavaScript tool, nearly surpassing webpack in usage. Only two percentage points separate them.

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Before Claude Code wrote its first line of code, Vercel was already in the vibe coding space with its v0 service. The basic idea behind the original v0, which launched in 2024, was essentially to be ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

The third developer beta of iOS 26.2 is here with changes to AirDrop and updates to the Measure app. Here's what's new. The first developer beta of iOS 26.2, meanwhile, offered even more ways of ...

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in ...

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimated ...