SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
InfoWorldOpinion

How to stop the AI code generation treadmill

Piling on guardrails is the sign of a system permanently compensating for its own unreliability. There’s a better approach.
Visual Studio Magazine

VS Code 1.123 Adds Agent Session Sync, 1M Context Windows

Microsoft released Visual Studio Code 1.123 on June 3, adding agent-focused features, larger model context support, integrated browser updates and a new delay for some automatic extension updates.
The Next Web

One click on GitHub.dev is all it takes to hand over your private repositories

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.
Hosted on MSN

Ramesses II’s lost military fort reveals a bronze sword

Archaeologists in northern Egypt have uncovered a vast mudbrick military complex from the reign of Ramesses the Great. Inside were barracks, storerooms, food remains, weapons, amulets, and a bronze ...
How-To Geek on MSN

Stop wasting keystrokes: VS Code's command palette is faster than you think

Your VS Code workflow is probably slower than it needs to be, but if you use the Command Palette you'll be faster.
Martin Cid Magazine

GlassWorm hid invisible code in VS Code extensions for a year before its takedown

For more than a year, a self-propagating worm rode VS Code extensions, npm packages, and stolen developer credentials through ...