Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.

Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Visual Studio Magazine

C++ Joins C# in Visual Studio's Deep Copilot Tier

Microsoft is expanding GitHub Copilot's deepest Visual Studio integration to C++, giving the AI assistant compiler-backed insight into entire C++ codebases so it can refactor and modify projects ...
AOL

7 Landscaping Decisions That Make Yard Work Harder Without Adding Visual Appeal

Maintaining a beautiful yard is often a source of pride for homeowners, but some landscaping choices can complicate your gardening efforts without enhancing the visual appeal of your outdoor space. If ...
InfoWorld

Visual Studio Code adds multi-agent orchestration

With Visual Studio Code 1.107, developers can use GitHub Copilot and custom agents together and delegate work across local, background, and cloud agents. Just-released Visual Studio Code 1.107, the ...
Hosted on MSN

Adding snow and rain to photos for visual drama

Techniques for making your photos stand out with weather effects. Culture Quest is your front-row seat to everything pop culture! From the latest movies and music to TV buzz, celebrity news, and hot ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
Dark Reading

Copilot's No-Code AI Agents Liable to Leak Company Data

Artificial intelligence (AI) agents are a breeze to create using Microsoft Copilot Studio, and almost just as easy to manipulate into divulging sensitive corporate data. Despite broad security ...
Morningstar

Visual DB Partners with SQLite to Bring a Modern UI to the World's Most Widely Deployed Database

SEATTLE, Dec. 4, 2025 /PRNewswire/ -- Visual DB today announced a new partnership with SQLite, the embedded relational database engine used in billions of devices worldwide. Through this collaboration ...
Bleeping Computer

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...
InfoQ

Code Arena Launches as a New Benchmark for Real-World AI Coding Performance

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSOonline

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, even with network restrictions enabled. A newly disclosed vulnerability in ...