GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

GenAI in Business: Leveraging the Existing .NET Foundation

Generative AI with .NET from SDKs and streaming to tools and agents: an overview of OpenAI, Azure, and the new Microsoft ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

A hands-on test found that OpenClaw can work with VS Code for file-based drafting and source-driven synthesis, but the current experience is still centered on a local gateway and workspace model rathe ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
WinBuzzer

OpenAI Acquires Python Toolmaker Astral to Boost Codex AI Agent

OpenAI has acquired Astral, the company behind Python tools uv and Ruff, to integrate them into its Codex platform as it ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...

Dow, S&P 500 lower as Middle East tensions escalate, miners lead fallers

Another broad decline in markets as attacks on Gulf energy sites sent energy prices soaring to three-year highs ...

OpenAI to buy Python toolmaker Astral to take on Anthropic

OpenAI said on Thursday it will acquire Python toolmaker Astral, as ‌the ChatGPT owner looks to strengthen its ‌portfolio ...
Cybernews

Hundreds of code repos falling like dominoes, infected by new wave of self-replicating malware

A massive, self-replicating GlassWorm supply-chain attack has compromised hundreds of code repositories and extensions on ...
InfoWorld

I ran Qwen3.5 locally instead of Claude Code. Here’s what happened.

You can now run LLMs for software development on consumer-grade PCs. But we’re still a ways off from having Claude at home.