GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
InfoWorld

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions. Microsoft has introduced C++ ...
GitHub

Source code spell checker for Visual Studio Code and LSP clients

typos is a low false-positive source code spell checker. This project exposes typos via a Language Server Protocol (LSP) server and Visual Studio Code extension to provide a fast, low memory, ...
GitHub

CodeCursor (Cursor for Visual Studio Code)

What's Cursor? And Why This Extension? Cursor is an AI code editor based on OpenAI GPT models. You can write, edit, and chat about your code with it. At this time, Cursor is only provided as a ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...