Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

A proof of concept shows how multi-agent orchestration in Visual Studio Code 1.109 can turn a fragile, one-pass AI workflow into a more reliable, auditable process by breaking long tasks into smaller, ...

Copilot Pro+ and Copilot Enterprise users now can run multiple coding agents directly inside GitHub, GitHub Mobile, and ...

The January 2026 update to VS Code (v1.109) transforms the editor into a multi-agent orchestration hub, allowing developers to automate complex, rule-based editorial workflows with proactive context ...

Visual Studio Code 1.109 has been released, primarily bringing new features for handling AI agents. Developers can now follow the response generation of Anthropic Claude models in real-time in the ...

Visual Studio Code releases major updates once a month, and right on schedule, version 1.109 is now rolling out to desktop platforms. It's the continuation of Microsoft's push for making VS Code "the ...

Cline CLI 2.3.0 was published with a stolen npm token, installing OpenClaw in an 8-hour attack affecting ~4,000 downloads.

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in a supply chain attack.

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities. Jonathan Stross, SAP security analyst at Pathway, drew attention to a code ...

Microsoft has patched six exploited zero-days in February 2026 Patch Tuesday, addressing 58 vulnerabilities and triggering urgent enterprise remediation.