Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
InfoQ

OpenAI Codex-Spark Achieves Ultra-Fast Coding Speeds on Cerebras Hardware

In a major shift in its hardware strategy, OpenAI launched GPT-5.3-Codex-Spark, its first production AI model deployed on ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
GitHub

Azure DevOps PR Explorer

Review and manage Azure DevOps Pull Requests without leaving VS Code. Browse pull requests across all your Azure DevOps repositories, view file diffs with a folder tree, add inline comments, vote, ...
GitHub

ChrisMunnPS/WinGet-Application-Manager

WinGet Application Manager transforms Microsoft's command-line WinGet package manager into a beautiful, user-friendly desktop application. Built entirely in PowerShell with WPF, it provides enterprise ...