Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Geeky Gadgets

Connect a Llama 3.1 Chat AI Model to VSCode and Code Faster with Local Replies

The first step in integrating Ollama into VSCode is to install the Ollama Chat extension. This extension enables you to interact with AI models offline, making it a valuable tool for developers. To ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
Visual Studio Magazine

VS Code Is Latest Microsoft Dev Tooling Weaponized by Threat Actors

Cybersecurity threat actors keep leveraging Microsoft development tooling as attack vectors. The latest incident was reported this month by Cyble, with one of the key takeaways of its report being: ...
InfoQ

Hugging Face Brings Open-Source LLMs to GitHub Copilot Chat in VS Code

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Bleeping Computer

Chinese hackers use Visual Studio Code tunnels for remote access

Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent remote access to compromised systems. VSCode ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.