Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
MUO on MSN

VS Code's open source claim is misleading — here's the truly open source version

It says it is, but the reality is a little blurry.
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
InfoWorld

Why ‘boring’ VS Code keeps winning

Every few months, the developer tool hype machine finds a new hero. In 2023, it was GitHub Copilot, the AI pair programmer that made autocomplete feel like magic. In 2024, the vibe shifted to Cursor ...

GitHub developers targeted by fake VS Code alerts spreading malware

The 'Discussions' section is being manipulated into delivering malware to software devs.