Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Anyone can do it!

Discover the leading AI code review tools reshaping DevOps practices in 2026, enhancing code quality, security, and team productivity with automated solutions.

The Supreme Court is taking up a case on whether Paramount violated the 1988 Video Privacy Protection Act (VPPA) by ...

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Please create an issue before adding a rating. Keep in mind that I work full-time. I'd LOVE to have more contributors. See the Contributing section below. yarn add -D ...

With Visual Studio Code 1.107, developers can use GitHub Copilot and custom agents together and delegate work across local, background, and cloud agents. Just-released Visual Studio Code 1.107, the ...

Microsoft has released Visual Studio Code version 1.107 (November 2025) to the general public. A major theme for this release is the enhancement of agents, introducing multi-agent orchestration and ...

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...

Microsoft is previewing a new AI-assisted tool for Visual Studio Code Insiders called the JavaScript/TypeScript Modernizer. It's designed to help developers modernize older JavaScript or TypeScript ...

You start by getting the official installer from the Visual Studio Code website. Open your preferred browser on Windows. Go to the Visual Studio Code download page ...