Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

VS Code Extensions have transformed the code editor into a productivity powerhouse. GitHub Copilot enables AI-powered autocomplete, multi-line code generation, and context-aware suggestions, helping ...

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...

There's a lot of buzz around OpenClaw lately, so I had to check it out in my favorite editor, VS Code. Turns out this is a nascent space, not much being done with the new it agentic AI tool and the ...

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

A malicious version of the Bitwarden command-line interface (CLI) password manager was briefly distributed via the Node ...

Amid the ongoing GPU shortage, Ocean Network is looking to connect the world’s idle computing power with those who need it.

Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software ...

Microsoft on Tuesday announced TypeScript 7.0 Beta, marking the public beta debut of the company's Go-based rework of the language's compiler and tooling stack. The release is positioned as a major ...