Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...

The coordinated campaign abuses Visual Studio Code and OpenVSX extensions to steal code, mine cryptocurrency, and maintain remote control, all while posing as legitimate developer tools. In a new ...

According to Greg Brockman on Twitter, the Codex VSCode plugin is already delivering strong performance for AI-powered code generation and is expected to improve rapidly (source: @gdb, August 29, 2025 ...

Microsoft has removed two popular VSCode extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two ...

Welcome to the brave new world of modern, remote development in your browser. Let's get started with VSCode.dev. The fully realized browser-based IDE has been a long time coming. Ever since the ...

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns ...

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Currently, the VSCode extension highlights CSS and JS correctly in VSCode, but does not yet provide Intellisense for them when used as embedded languages: Possibly related to #5, since bringing ...