Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

Do you have one of these 17 browser extensions? They could be tracking your browsing history.

Cybersecurity researchers identified malware-infected browser extensions on Chrome, Firefox, and Edge browsers.
Visual Studio Magazine

Hands On: Testing Cursor, Windsurf and VS Code on Text-to-Website Generation

A hands-on comparison shows how Cursor, Windsurf, and Visual Studio Code approach text-to-website generation differently once ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
GitHub

OpenForgeProject/vscode-ddev-phpstan

This extension integrates PHPStan with Visual Studio Code using DDEV as the runtime environment. It provides real-time static analysis for PHP projects running in DDEV containers.