Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

In a a robust Hacker News thread sparked by Jamf Threat Labs research, a VS Code team member defended the editor's Workspace ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
Colorado Public Radio

House passes ACA extension bill, hoping to support a bipartisan compromise in the Senate

The U.S. House passed a three-year extension of a tax credit that makes health insurance more affordable for people who buy coverage on the state marketplace. The bill passed 230 to 196, picking up 17 ...
News 13

CFX to start Poinciana Parkway extension in about 2 years

OSCEOLA COUNTY, Fla — Officials say help is on the way to combat some of the bumper-to-bumper traffic that clogs the streets of Poinciana, but not for about two years. The Central Florida Expressway ...