Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time ...
Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices ...
Windows Report

Microsoft Details Roadmap for Visual Studio, Featuring New Agents and GPT-5 Codex

Microsoft’s November Visual Studio roadmap highlights new AI agents, GPT-5 Codex integration, and improved MCP governance.
InfoQ

Redis Critical Remote Code Execution Vulnerability Discovered After 13 Years

This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute ...