The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Visual Studio Magazine

VS Code v1.110 Insiders: AI Agents Gain Native Browser Access and Global Instructions

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...
XDA Developers on MSN

I vibe-coded my slides instead of using PowerPoint, and they've never looked better

Sounds weird, I know.
TechRadar

Malicious Microsoft VSCode AI extensions might have hit over 1.5 million users

Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
TWCN Tech News

Create real-time interactive flowcharts for your code using VS Code CodeVisualizer

In this post, we will show you how to create real-time interactive flowcharts for your code using VS Code CodeVisualizer. CodeVisualizer is a free, open-source Visual Studio Code extension that ...
Visual Studio Magazine

'VS Code for the Web -- Azure' Adds Faster Entry Points for Browser-Based Cloud Development

Microsoft expanded its browser-based development tooling with recent updates to VS Code for the Web -- Azure, introducing faster entry points for moving AI-generated code into an editable, ...
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...
InfoWorld

The JavaScript code won’t write itself

This month’s theme is: Keep an eye on the future but hone your coding craft in the now. Start here, with nine timeless JavaScript coding concepts, a look at Nitro.js—fast becoming the go-to server ...
TechSpot

Microsoft turns to Anthropic's AI for Visual Studio Code, raising eyebrows about OpenAI ties

Editor's take: Microsoft has long been the financial lifeline of OpenAI, but its growing reliance on Anthropic's models suggests that loyalty may be giving way to performance. By favoring Anthropic in ...