SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in ...
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...

Microsoft starts with previews for .NET 11.0

Two months after .NET 10.0, Microsoft starts preview series for version 11, primarily with innovations in the web frontend framework Blazor.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Register on MSN

Three AI engines walk into a bar in single file

Meet llama3pure, a set of dependency-free inference engines for C, Node.js, and JavaScript Developers looking to gain a ...
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...