The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
InfoWorld

Visual Studio Code 1.114 streamlines AI chat

Latest weekly update supports previewing videos in the image carousel, adds a Copy Final Response command to the chat context ...
InfoWorld

Visual Studio Code 1.115 introduces VS Code Agents app

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...
Visual Studio Magazine

Can OpenClaw Challenge Copilot in VS Code?

A proof of concept used OpenClaw's localhost dashboard inside VS Code's integrated browser to compare it directly with Copilot on the same SKILL.md file, finding that OpenClaw delivered broader, more ...
SecurityWeek

North Korean Hackers Target High-Profile Node.js Maintainers

The North Korean threat actor behind the Axios supply chain attack has been targeting high-profile Node.js maintainers.
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.