The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
techtimes

Claude Code vs ChatGPT Codex: Which AI Coding Agent is Actually the Best in 2026

AI coding agents are reshaping how developers write, debug, and maintain software in 2026. The debate around Claude Code vs ChatGPT Codex highlights two distinct philosophies: local-first reasoning ...
The New York Times

Tigers vs. Red Sox: Which American League rotation reigns supreme?

Tarik Skubal and Garrett Crochet finished first and second in the 2025 American League Cy Young Award voting. Illustration: Kelsea Petersen / The Athletic; Photos: Ishika Smart, Steph Chambers / Getty ...
CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Tom's Guide

Claude Code vs ChatGPT Codex: Which AI coding agent is actually better?

AI I tested Gemini 3 Flash vs Claude 4.6 Opus in 9 tough challenges — here’s the winner AI I tested ChatGPT-5.2 vs Claude 4.6 Opus in 9 tough challenges — here’s the winner AI I swapped ChatGPT for ...
InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple agent sessions in parallel. Microsoft has released Visual Studio Code 1.109, ...
The Verge

GitHub adds Claude and Codex AI coding agents

Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. Microsoft-owned GitHub continues to embrace OpenAI and Anthropic AI advances. is a senior editor and author of Notepad, ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by ...
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
Bleeping Computer

Microsoft Copilot Studio extension for VS Code now publicly available

Microsoft announced that the Copilot Studio extension for the Visual Studio Code (VS Code) integrated development environment is now available to all users. Developers can use it to build and manage ...
Business Wire

CodeRabbit’s “State of AI vs Human Code Generation” Report Finds That AI-Written Code Produces ~ 1.7x More Issues Than Human Code

SAN FRANCISCO--(BUSINESS WIRE)--CodeRabbit, the leading AI-powered code review platform, today released the “State of AI vs Human Code Generation”, a comprehensive new report analyzing the quality of ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...