The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

VS Code: Python Environments Extension generally available

The new extension for Visual Studio Code aims to end the previous fragmentation and ensure a uniform workflow with Python environments.
InfoWorld

GitHub readies agents to automate repository maintenance

A technical preview promises to take on the unrewarding work in DevOps, but questions remain about controls over costs and access.

Google rolls out Gemini 3.1 Pro with upgraded reasoning capabilities

The new model builds on recent upgrades to Gemini’s core intelligence and marks a shift in Google’s update cycle, replacing the usual mid-year “.5” release pattern.
Infosecurity Magazine

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...
Visual Studio Magazine

Building Real-World Web Apps with ASP.NET Core Razor Pages

Microsoft MVP Philip Japikse discusses how ASP.NET Core Razor Pages in .NET 10 provides a streamlined, page-centric ...