eWeek

Fake AI Chrome Extensions Exposed 260,000 Users, Targeting Gmail

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual ...
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
winbuzzer.com

Google Releases Colab Extension for VS Code

Google has launched an official Colab extension for Visual Studio Code, aiming to bridge the gap between local development and powerful cloud computing for AI and machine learning. The new tool allows ...
VentureBeat

Only 9% of developers think AI code can be used without human oversight, BairesDev survey reveals

Senior software developers are preparing for a major shift in how they work as artificial intelligence becomes central to their workflows, according to BairesDev’s latest Dev Barometer report ...
cryptopolitan

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.
Upstream

US LNG developer gets regulatory green light for project extension

US regulators have approved Commonwealth LNG’s request for more time to bring its liquefied natural gas export terminal into service. Commonwealth on 2 October submitted a letter to the Federal Energy ...
InfoWorld

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...