The Hacker News

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...
InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
How-To Geek on MSN

Visual Studio Code has new experimental themes and more AI coding features

The January 2026 update has arrived.