Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

This hands-on PoC shows how I got an open-source model running locally in Visual Studio Code, where the setup worked, where it broke down, and what to watch out for if you want to apply a local model ...

You can now run LLMs for software development on consumer-grade PCs. But we’re still a ways off from having Claude at home.

Anthropic's Claude Code for VS Code has surpassed OpenAI's Codex extension in Visual Studio Code Marketplace installs and review volume despite launching later. OpenAI positions Codex as an IDE ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Pixel Agents integrates animated pixel art characters into Visual Studio Code (VS Code) to create a virtual workspace for managing AI-driven workflows. Demonstrated by Nate Herk , this extension ...

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Sci-fi stories ask “what if,” and they answer “then what.” Whether the film is an exciting blockbuster, a tiny and ambitious ...