The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain ...
ADTmag

Visual Studio Code Moves to Weekly Releases Starting with Version 1.111

Microsoft’s Visual Studio Code development environment will move from monthly updates to a weekly release schedule, beginning with version 1.111, according to the development team.
Visual Studio Magazine

Visual Studio Code 1.112 Adds Integrated Browser Debugging, More Copilot CLI Control

Visual Studio Code 1.112, released March 18, expands Copilot agent autonomy, adds MCP server sandboxing on macOS and Linux, enables in-editor web app debugging, and broadens monorepo support for agent ...
How-To Geek on MSN

Android's sideloading changes, the big Visual Studio Code update, better Linux phones, and more: News roundup

Everything you may have missed from the past week.
Bleeping Computer

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
Hosted on MSN

Phony Claude code install guides trick Vibe coders into installing malware

Would-be vibe coders looking to experiment with Claude Code are being targeted by malicious install guide websites that pop up in Google search results and install malware when executed. Dubbed ...