Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Google Chrome ships WebMCP in early preview, turning every website into a structured tool for AI agents

Google and Microsoft's new WebMCP standard lets websites expose callable tools to AI agents through the browser — replacing ...
Visual Studio Magazine

Claude Code Edges OpenAI's Codex in VS Code's Agentic AI Marketplace Leaderboard

Claude Code has pulled ahead of OpenAI's Codex in VS Code Marketplace adoption metrics for tools tagged with 'agent,' just one way to judge these tools for your particular needs in this rapidly ...

Denver launches energy code overhaul, plans to avoid Energize Denver confusion

The goal is to balance climate targets with cost concerns from the development community, city officials say.
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

The Supreme Court struck down some tariffs. Don't expect falling prices.

The Supreme Court struck down some of President Donald Trump's tariffs last week, but that doesn't mean prices will come down any time soon.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...

React survey shows TanStack gains, doubts over server components

Not everyone's convinced React belongs on the server as well as in the browser Devographics has published its State of React ...
ZDNet

OpenAI's new Spark model codes 15x faster than GPT-5.3-Codex - but there's a catch

OpenAI targets "conversational" coding, not slow batch-style agents. Big latency wins: 80% faster roundtrip, 50% faster time-to-first-token. Runs on Cerebras WSE-3 chips for a latency-first Codex ...
XDA Developers on MSN

Google Antigravity is the best fork of Microsoft VS Code and it’s not even close

Stop using standard VS Code ...