Visual Studio Magazine

Listen Up: VS Code Insiders Gets a Podcast

Microsoft has launched the VS Code Insiders Podcast, a new behind-the-scenes audio show that digs into experimental features, the people building them and what may be coming next to Visual Studio Code ...
SecurityWeek

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

Critical React vulnerability tracked as CVE-2025-55182 and React2Shell can be exploited for unauthenticated remote code ...

WordPress’s vibe-coding experiment, Telex, has already been put to real-world use

Though WordPress's Telex is still an experiment, the vibe-coding software has already been used to help build real-world ...
The Hacker News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Critical RSC flaws in React and Next.js enable unauthenticated remote code execution; users should update to patched versions ...
CSO Online

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert.

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms.
The Hacker News

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake ...