Visual Studio Code 1.112, released March 18, expands Copilot agent autonomy, adds MCP server sandboxing on macOS and Linux, enables in-editor web app debugging, and broadens monorepo support for agent ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple agent sessions in parallel. Microsoft has released Visual Studio Code 1.109, ...

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor.

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Everything you may have missed from the past week.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

VS Code keeps adding new features as time goes on, and if you weren't careful, you likely missed things like sticky scroll, zen mode, and more.

Multi-agent orchestration makes workflow more inspectable, with clear handoffs and a QA backstop. Breaking the work into discrete steps makes the output easier to audit and fix. A timestamped handoff ...

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

A large-scale GlassWorm malware campaign targeting developer platforms appears to be significantly more extensive and sophisticated than previously ...