Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token. “Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said.…
Tag: Visual
Exploits, Global Security News
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. […]
AI, Global Security News
Visual Studio Code 1.118 adds auto model selection to Copilot CLI
Microsoft’s editor releases continue on a monthly cadence, with the Insiders build of Visual Studio Code 1.118. The update concentrates on the Copilot CLI integration, session management in the Agents app, and an opt-in path for TypeScript 7.0. Copilot CLI gains auto model selection Two separate entries in the changelog add automatic model selection to…
AI, Global Security News
Visual Studio cloud agents now run inside GitHub Copilot
Microsoft’s April update to Visual Studio introduces cloud agent integration in GitHub Copilot, enabling developers to offload tasks to remote infrastructure for scalable, isolated execution. You can now start cloud agent sessions directly from Visual Studio. Custom agents now support user-level definitions that persist across projects, making it easier to reuse configurations. The update also…
AI, Cybersecurity, Global Security News
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining…
AI, Global Security News, malware
Fake VS Code alerts on GitHub spread malware to developers
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware. […]
Global Security News, Network Security, Risk Management
Zero Networks Kubernetes Access Matrix exposes hidden access paths and blast radius
Zero Networks has announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters. The new capability enables security and DevOps teams to see, understand, and control Kubernetes access at scale, closing “understanding what is going on inside K8s” gaps that leave organizations exposed to lateral…
AI, Global Security News
Flaws in Popular Software Development App Extensions Allow Data Exfiltration
Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched
AI, Apps, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
XSS Bug in VS Code Extension Exposed Local Files
A widely used Microsoft Visual Studio Code (VS Code) extension quietly exposed millions of developers to potential local file exfiltration through a cross-site scripting (XSS) flaw. The issue affected the official Live Preview extension — downloaded more than 11 million times — and allowed malicious websites to interact with a developer’s localhost environment. An “……
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Flaws in four popular VS Code extensions left 128 million installs open to attack
Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, and local network reconnaissance. Application security company OX Security published the findings this week, saying it had begun notifying vendors in June 2025 but received no response…
AI, Artificial Intelligence, Cybersecurity, Don't miss, Endpoint, GitHub, Global Security News, News
Allama: Open-source AI security automation
Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing systems. The project supports alerts from many sources. Once alerts enter…
AI, Artificial Intelligence, Cybersecurity, Don't miss, Endpoint, GitHub, Global Security News, News
Allama: Open-source AI security automation
Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing systems. The project supports alerts from many sources. Once alerts enter…
AI, Apps, Artificial Intelligence, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, News, Risk Management, Threats
Fake Clawdbot VS Code Extension Deploys ScreenConnect RAT
A malicious Visual Studio (VS) Code extension posing as an AI-powered assistant was quietly installing remote access malware on developers’ systems. The fake extension, called ClawdBot Agent, appeared legitimate on the surface but executed malware automatically as soon as VS Code launched. “The layering here is impressive. You’ve got a fake AI assistant dropping legitimate…