The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Visual Studio Magazine

Getting My OpenClaw Around VS Code

There's a lot of buzz around OpenClaw lately, so I had to check it out in my favorite editor, VS Code. Turns out this is a nascent space, not much being done with the new it agentic AI tool and the ...
The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
TechRadar

GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick developers into downloading malware via cloud-hosted links Thousands of ...

Aikido Security Launches Endpoint Protection for Developer Devices as Software Supply Chain Attacks Hit Unprecedented Scale

GHENT, Belgium, April 20, 2026 (GLOBE NEWSWIRE) -- Aikido Security today launched Aikido Endpoint, a lightweight security agent that protects developer devices against software supply chain attacks by ...
Cybernews

Checkmarx hit again, popular tools spreading credential-stealing malware

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
Techzine Europe

Aikido Endpoint offers developers additional protection against supply chain attacks

Aikido Security is launching Aikido Endpoint, a lightweight agent designed to protect developers’ endpoints against supply ...
Visual Studio Magazine

Hands On with VS Code 1.112's New Image Analysis for Agents

VS Code 1.112 agents can now read image files from disk. The image carousel can open generated or selected images in chat. My PoC used three leaderboard screenshots to summarize model trade-offs.