InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
Visual Studio Magazine

How I Built a 'Journalist' AI Agent in VS Code to Replace Me

Having long ago seen the handwriting on the wall for the journalism profession with the debut of GenAI, I decided to just cut to the chase and build my replacement now.
Visual Studio Magazine

Claude Code Edges OpenAI's Codex in VS Code's Agentic AI Marketplace Leaderboard

Claude Code has pulled ahead of OpenAI's Codex in VS Code Marketplace adoption metrics for tools tagged with 'agent,' just one way to judge these tools for your particular needs in this rapidly ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
InfoWorld

Microsoft brings C++ smarts to GitHub Copilot in Visual Studio Code

Updates to GitHub Copilot in VS Code provide the same C++ symbol context and CMake build configuration awareness as Microsoft’s C/C++ DevTools and CMake Tools extensions.

'I knew the risks, I'd do it again' - Moody opens up in new BBC documentary

Ex-England captain Lewis Moody tells former team-mate Ben Youngs he was "very aware" of the risks posed during his career.

Epicurrents—an open-source web browser application for clinical neurophysiology education and scientific research

Clinical neurophysiology examinations include electroencephalography, sleep and vigilance studies, as well as nerve ...

ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel domains to stage malware is a tactic that has been adopted by North Korea-linked ...
ZDNet

I tried a Claude Code rival that's local, open source, and completely free - how it went

Free AI tools Goose and Qwen3-coder may replace a pricey Claude Code plan. Setup is straightforward but requires a powerful local machine. Early tests show promise, though issues remain with accuracy ...
News Medical on MSN

Open-source Epicurrents library brings clinical neurophysiology recordings to web browsers

Clinical neurophysiology examinations include electroencephalography, sleep and vigilance studies, as well as nerve conduction recordings. Interpretation of these recordings is largely taught during ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...