Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
MUO on MSN

The 6 VS Code extensions I wish I'd installed years ago

Stop coding without these extensions ...
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Security Boulevard

Cut your coding agent’s cost with Sonar Vortex

New benchmarks show semantic code graphs helping coding agents find change locations faster and complete updates more ...
InfoWorld

Visual Studio Code locks down untrusted code

Workspace Trust feature in VS Code 1.26 lets users configure whether code in a project folder can be executed by VS Code ...
InfoWorld

Visual Studio Code introduces restricted mode for untrusted folders

Workspace Trust feature in VS Code 1.26 lets users configure whether code in a project folder can be executed by VS Code ...