Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
XDA Developers on MSN

I replaced VS Code with Google’s Antigravity and the results actually shocked me

The VS Code killer I wasn’t expecting ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
GitHub

Visual Studio Code PDF Viewer

This extension runs the latest pdf.js underneath. A demo of their editor (hence ours) can be found here. Most extensions currently in the marketplace have problems too deep to fix. These problems ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...
GitHub

Cody for Visual Studio

Sourcegraph’s AI code assistant goes beyond individual dev productivity, helping you achieve consistency and quality at scale with AI. Sourcegraph accelerates the entire workflow for developers by ...