SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

JavaScript: webpack is unpopular – but most used

In a new study, Vite is the most popular JavaScript tool, nearly surpassing webpack in usage. Only two percentage points separate them.
The Hacker News

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

First malicious Outlook add-in abused an abandoned domain to host a fake Microsoft login page, stealing 4,000+ credentials in a supply chain attack.
How-To Geek on MSN

Visual Studio Code has new experimental themes and more AI coding features

The January 2026 update has arrived.
Visual Studio Magazine

Beyond the Magic Word: Testing VS Code 1.109's New Agentic AI Workspace Priming

The January 2026 update to VS Code (v1.109) transforms the editor into a multi-agent orchestration hub, allowing developers ...
Visual Studio Magazine

Hands On with New Multi-Agent Orchestration in VS Code

A proof of concept shows how multi-agent orchestration in Visual Studio Code 1.109 can turn a fragile, one-pass AI workflow into a more reliable, auditable process by breaking long tasks into smaller, ...
InfoWorld

Beyond NPM: What you need to know about JSR

Here's how the JavaScript Registry evolves makes building, sharing, and using JavaScript packages simpler and more secure ...