Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Visual Studio Magazine

Microsoft Details How 'Agents Took Over VS Code in 2025'

Microsoft's unified agent experience in VS Code consolidates Copilot, Codex, and custom agents, introducing Agent Sessions, a ...

ViVeTool: Unlock Windows features Microsoft doesn’t want you to see

The tool works on all current builds of Windows 10 and Windows 11 and uses the same internal A/B test logic that Microsoft ...
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time gathering downloads and infecting people’s computers.