Latest VS Code update introduces prepackaged bundles of chat customizations that can include skills, commands, agents, MCP ...

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Visual Studio Code 1.110 (February 2026) adds new agent extensibility, browser-driving chat tools, and expanded chat accessibility.

TypeScript 6.0 RC represents the final major release built on the current JavaScript-based compiler. The upcoming TypeScript 7.0 will use a Go-based native implementation for enhanced speed and memory ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Microsoft has updated Windows App Development CLI to v0.2, adding .NET support, manifest placeholders, and Microsoft Store ...

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Google also enables auto-approval of AI agents while their documentation warns against it Microsoft's Visual Studio Code (VS Code) is moving to a weekly release cycle, as well as joining Google in ...