InfoWorld

Visual Studio Code update shines on coding agents

Visual Studio Code 1.109 introduces enhancements for providing agents with more skills and context and managing multiple agent sessions in parallel. Microsoft has released Visual Studio Code 1.109, ...
Visual Studio Magazine

WinForms Gets Some AI Love in Visual Studio February Update

Microsoft's Visual Studio February Update (18.3) adds new Copilot agents and workflows for WinForms guidance, test generation, call stack analysis, profiling with unit tests, C++ modernization, and ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
InfoWorld

Microsoft warns of job‑themed repo lures targeting developers with multi‑stage backdoors

Attackers used “technical assessment” projects with repeatable naming conventions to blend in cloning and build workflows, ...
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
Visual Studio Magazine

VS Code Team Member Blames User Trust Decisions in Repo-Based Attacks

A Hacker News commenter identifying as a VS Code team member said Workspace Trust is the intended security protection against repo-based attacks. The commenter acknowledged user experience issues and ...