SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple ...

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

The permissions behind your AI Chrome extensions deserve a closer look - they may be spying on you

The permissions behind your AI Chrome extensions deserve a closer look - they may be spying on you ...
Visual Studio Magazine

VS Code 1.109 Deemed a Multi-Agent Development Platform

The January 2026 release of Visual Studio Code expands AI-assisted development with structured planning agents, parallel ...
Visual Studio Magazine

Beyond the Magic Word: Testing VS Code 1.109's New Agentic AI Workspace Priming

The January 2026 update to VS Code (v1.109) transforms the editor into a multi-agent orchestration hub, allowing developers ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.