OpenClaw AI: Extensions Security Issues Expose Risks of Open-Source AI Agents

OpenClaw, an open-source agentic AI platform, is facing serious security concerns after researchers uncovered hundreds of ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Bleeping Computer

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...
winbuzzer.com

JavaScript Turns 30: Why The World’s Most Popular Language Faces a Trademark Revolt

Marking its 30th anniversary on Thursday, the world’s most popular programming language faces a bitter ongoing custody battle rather than a celebration. Creators and community leaders are stepping up ...
CSOonline

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...
The Hacker News

Search results for javascript-extension-vscode | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, ...
Bleeping Computer

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has been targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the Visual Studio marketplace and the Open VSX registry. The campaign is ...
GitHub

Provide a way to reduce the noisy output when running extension tests to reduce context bloat and agent confusion

When I run extension tests on GitHub actions, there's a lot of unwanted output printed. When trying to have agents run the tests, this all ends up in the context and the model sometimes attribute ...
GitHub

BUG: Extension passes Typescript to CodeQL for query packs instead of Javascript

When I was running the extension without manually setting the language, the scan would fail after building and analyzing the database: [2025-06-27T19:53:02.950Z] [WARN ] [CodeQLService ] Query pack ...
Yahoo

The Firefox Extensions You Didn't Know You Needed

Firefox extensions expand the functionality of the browser with new features not available in the default program. Below are the best Firefox add-ons (aka extensions) that cover security and privacy, ...
IEEE

Protect Your Secrets: Understanding and Measuring Data Exposure in VSCode Extensions

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...