VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

VS Code agents are now in Stable preview, and the 1.122 update removed the GitHub OAuth requirement from BYOK, letting defense, healthcare, and finance developers run fully air-gapped AI-assisted ...

GitHub Copilot multi-agent support for VS Code launched at Microsoft Build 2026 alongside Project Polaris, an in-house AI ...

Immutable Linux is the future of OS security, but the current distributions do have one particular limitation that RakuOS has ...

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate approximately 3,800 of GitHub's internal source code repositories — everythi ...

MAI models, GitHub Copilot desktop app, Project Solara, Windows dev tools, and the full agent stack explained.

Microsoft has had a VS Code extension for a long time, and it finally came back to bite them.

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...

The Surface RTX Spark Dev Box brings back Microsoft's experimental design era with a wild unique chassis and 1 petaflop of ...