SecurityWeek

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q vulnerability could allow attackers to steal developer cloud credentials by luring them into opening a booby-trapped ...
XDA Developers on MSN

7 little-known VS Code extensions that prove it's more than just an IDE

VS Code’s secret weapons ...
Visual Studio Magazine

Open VSX 1.0.0 Puts Focus on Open Extension Registry for VS Code Ecosystem

Eclipse Open VSX has reached 1.0.0, highlighting its role as a vendor-neutral registry for VS Code-compatible extensions.
The Hacker News

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in ...
GitHub

SQL Prompt for VS Code

SQL Prompt is a SQL Server IntelliSense and formatting extension for VS Code. It provides schema-aware table completion with automatic aliasing and a configurable SQL formatter driven by style files, ...
Infosecurity-magazine.com

GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension

GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
VentureBeat

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
Windows Report

GitHub Confirms Breach After Malicious VS Code Extension Exposed 3,800 Repositories

GitHub has confirmed that thousands of its internal repositories were breached after an employee installed a malicious Visual Studio Code extension. The incident adds to growing concerns around supply ...
dailycoin

GitHub Breached: Malicious VS Code Extension Exposes 3,800 Repos

18+ · Gambling involves risk. Play responsibly. The breach is significant for developers and crypto infrastructure teams because it highlights how software supply chain attacks can bypass traditional ...
Business Insider

Anthropic doubles its estimate of what Claude Code tokens will cost engineers

You're currently following this author! Want to unfollow? Unsubscribe via the link in your email. The Claude Code costs of months' past are not today's. A quiet change Anthropic made to its website ...
Infosecurity-magazine.com

Cursor Extension Flaw Exposes Developer API Keys

A high-severity vulnerability in the AI-powered development tool Cursor allows installed extensions to access sensitive credentials, exposing API keys and session tokens without any user interaction.
ZDNet

The new rules for AI-assisted code in the Linux kernel: What every dev needs to know

Torvalds and the Linux maintainers are taking a pragmatic approach to using AI in the kernel. AI or no AI, it's people, not LLMs, who are responsible for Linux's code. If you try to mess around with ...