SAP npm packages poisoned on April 29, 2026 + AES-256-GCM encrypted credential theft + AI coding tools abused for spread.

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...

Microsoft’s April 2026 security update fixes 165 vulnerabilities across Windows, Office, and other products, including one actively exploited SharePoint flaw. The update also introduces a Windows 11 ...

Visual Studio 2026 has further integrated GitHub Copilot's cloud agent to its Copilot Chat picker -- catching up to VS Code -- and the async workflow it enables, where a task runs on GitHub Actions ...

VS Code 1.117 adds bring-your-own model key support for Copilot Business and Enterprise users and introduces a set of chat, agent, terminal, and TypeScript updates.

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...

Developers and analysts suggest that extending Visual Studio Code with AI tools like GitHub Copilot, Codex, and Claude is proving more effective than building entirely new AI-focused editors. VS ...

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

Microsoft is making Visual Studio more agentic. New tools handle remote coding tasks and analyze live app behavior to find ...

The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has ...

Microsoft has finally explained why Windows 11 File Explorer lacks smooth scrolling in all folders, blaming legacy code and ...

April 25, 2026 • At most elite colleges and universities, affirmative action is a thing of the past. But admissions offices are still interested in building racially diverse incoming classes — which ...