Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
InfoWorld

Last JavaScript-based TypeScript arrives in beta

TypeScript 6.0 is intended to be the last release based on the current JavaScript codebase, before a Go-based compiler and language service debuts in TypeScript 7.0.
InfoQ

OpenAI Publishes Codex App Server Architecture for Unifying AI Agent Surfaces

OpenAI has recently published a detailed architecture description of the Codex App Server, a bidirectional protocol that decouples the Codex coding agent's core logic from its various client surfaces.
The Hacker News

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.