SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.

Linux users report Microsoft's Visual Studio Code Snap package isn't actually deleting files

Many have run out of disk space entirely ...
The Hacker News

Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Eclipse Foundation to require pre-publish security checks for Open VSX extensions to reduce VS Code supply-chain risk.

GlassWorm Malware Hits macOS Through Trusted Open VSX Extensions

Cybersecurity researchers from Socket’s Threat Research team have identified a developer-compromise supply chain attack ...

VS Code is gobbling up storage space on Ubuntu, but there's a fix

VS Code's official Snap package on Linux has a bug first reported in 2024 that still hasn't been fixed and is gobbling up storage space.