SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
Visual Studio Magazine

Visual Studio May Update Adds Plan Agent, Diff Review Tools

Microsoft highlighted Copilot planning, context visibility, diff review updates and MSVC Build Tools v14.51 in its May Visual Studio update.
Windows Report

New VS Code Zero-Day Lets Attackers Access Private GitHub Repositories

A security researcher has publicly disclosed a new Visual Studio Code zero-day vulnerability that can reportedly let ...
Visual Studio Magazine

VS Code 1.122 Lets BYOK Work Without GitHub Sign-In

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...
Morning Overview on MSN

Microsoft unveiled MAI-Code-1-Flash, its first in-house model for turning written descriptions into working source code

Developers who rely on GitHub Copilot inside Visual Studio Code now have a new option built entirely by Microsoft. The ...

Morning Update: Preserving history at a pivot point

Start your morning with context and insight on the day's biggest stories, in your inbox every weekday. Hello. I’m Hamida ...
WinBuzzer

VS Code Exploit Can Steal GitHub Tokens via github.dev

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...