Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.
Visual Studio Magazine

Visual Studio Code 1.114 Keeps Weekly Cadence Rolling with Chat, Search and TypeScript Updates

A smaller weekly VS Code release adds chat workflow refinements, semantic search changes, TypeScript 6.0, and new admin controls.
CSO Online

LangChain path traversal bug adds to input validation woes in AI pipelines

The path traversal flaw, allowing access to arbitrary files, adds to a growing set of input validation issues in AI pipelines.
Visual Studio Magazine

Creating a Custom AI Agent in New Visual Studio 2026 Insiders Build

A quick hands-on proof of concept shows how Visual Studio's new custom-agent framework can be aimed at a real Blazor project, along with what else is new in the March update.
GitHub

0020-pull-in-stdio-h-for-gcc14.patch

Subject: [PATCH] com32/lib/syslinux/debug.c: add missing stdio.h include. Fix building syslinux with GCC 14.x Add missing stdio.h include. Without it results in the ...
GitHub

003-stdio.h-ignore-Wformat-nonliteral-in-snprintf-and-sp.patch

/include/fortify/stdio.h:101:9: error: format not a string literal, argument types not checked [-Werror=format-nonliteral] ...