SecurityWeek

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware

Visual Studio developers are targeted with a self-propagating worm in a sophisticated supply chain attack through the OpenVSX ...

Dangerous and invisible worm found in Visual Studio Code extensions

A malware that steals credentials and cryptocurrencies uses Unicode for invisible code and installs a remote access trojan.
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain ...

Self-spreading GlassWorm malware hits OpenVSX, VS Code registries

A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with ...
InfoWorld

Visual Studio Code taps AI for merge conflict resolution

VS Code 1.105 also introduces a built-in MCP server marketplace and allows users to resume recent Copilot Chat sessions.