Security Boulevard

SAML vs LDAP: Protocol Comparison for Authentication & Directory Services

Deep dive comparison of SAML and LDAP for CTOs. Learn the differences in authentication, directory services, and how to scale Enterprise SSO.
The Hacker News

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are ...
Neowin

Visual Studio Code 1.107 launches with multi-agent orchestration and Agent HQ0 0

Microsoft has released Visual Studio Code version 1.107 (November 2025) to the general public. A major theme for this release is the enhancement of agents, introducing multi-agent orchestration and ...
bitnewsbot

Malicious VS Code Extensions Steal Developer Data, Removed by Microsoft

The infected extensions—named BigBlack.Bitcoin-black with 16 installs and BigBlack.codo-ai with 25 installs—were removed by Microsoft in early December 2025. A third related package, ...
Bleeping Computer

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...
Visual Studio Magazine

Threat Actors Keep Weaponizing VS Code Extensions

Threat actors continue to probe Visual Studio Code's extension ecosystem, and a late November incident shows how quickly a trusted developer tool can be turned into a supply chain beachhead. In a ...
Wall Street Journal

OpenAI Declares ‘Code Red’ as Google Threatens AI Lead

What really happens after you hit enter on that AI prompt? WSJ’s Joanna Stern heads inside a data center to trace the journey and then grills up some steaks to show just how much energy it takes to ...
cryptopolitan

3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets

Cybersecurity firm Koi Security uncovers a new wave of the GlassWorm campaign, which hides malware in invisible Unicode code within VS Code extensions. The malware steals GitHub, Open VSX, and crypto ...
Dark Reading

GlassWorm Returns, Slices Back into VS Code Extensions

GlassWorm, a self-propagating malware targeting Visual Studio Code (VS Code) extensions on the Open VSX marketplace, have apparently continued despite statements that the threat had been contained.
Geeky Gadgets

Stop Overpaying for AI Coding Tools : Discover the Smarter Alternative

Have you ever felt like you’re pouring money into AI coding tools, only to be left with mediocre results and mounting costs? Platforms like Lovable, Replet, and V0 by Versel promise simplicity and ...
bitnewsbot

GlassWorm Worm Targets VS Code Extensions in Major Supply Chain Attack

On October 17, 2025, Cybersecurity researchers identified a self-spreading worm named GlassWorm infecting Visual Studio Code (VS Code) extensions available on the Open VSX Registry and Microsoft ...
SecurityWeek

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware

The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns. Visual Studio developers are targeted with a self-propagating worm in a ...