Microsoft shipped four VS Code releases across May and early June 2026 — versions 1.120 through 1.123 — that together crossed a threshold the company had been approaching for more than a year: ...
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in ...
GitHub has confirmed that a recent breach into its internal repositories was caused by a vulnerability in a Microsoft Visual Studio Code (VS Code) extension called ‘Nx Console.’ The security team at ...
Track token cost, catch retry loops, and audit every session with Argus — a free open-source VS Code extension. You spent an hour with Claude Code. The terminal scrolled by, the feature shipped, you ...
Hackers exfiltrated roughly 3,800 of GitHub Inc.’s internal code repositories after one of its employees installed a poisoned Visual Studio Code extension, the Microsoft Corp.-owned developer platform ...
GitHub confirmed on May 20 that a poisoned VS Code extension installed on an employee’s device gave attackers access to roughly 3,800 internal repositories at the Microsoft-owned code storage and ...
GitHub confirmed that the cybercrime group TeamPCP exfiltrated roughly 3,800 internal code repositories after compromising an employee device through a poisoned VS Code extension. The Microsoft-owned ...
18+ · Gambling involves risk. Play responsibly. The breach is significant for developers and crypto infrastructure teams because it highlights how software supply chain attacks can bypass traditional ...
Update May 21: GitHub has now linked this breach to the TanStack npm supply-chain attack and says the employee installed a malicious version of the Nx Console extension. GitHub has confirmed that ...
GitHub isolates internal systems; threat group TeamPCP targets an employee device via a poisoned VS Code extension to access 3,800 repos. Summary is AI generated, newsroom reviewed. A malicious VS ...