The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
InfoQ

Chrome 144 Ships Temporal API: Advancing JavaScript Date/Time Standardisation

Chrome 144 introduces the groundbreaking Temporal API, revolutionizing date and time management in JavaScript. As a modern alternative to the criticized Date object, Temporal resolves parsing ...

Yes, you can vibe-code. Here’s how to get started.

Creating your own programs might seem daunting. It’s a lot easier than you think.
Visual Studio Magazine

Hands On with New Multi-Agent Orchestration in VS Code

A proof of concept shows how multi-agent orchestration in Visual Studio Code 1.109 can turn a fragile, one-pass AI workflow into a more reliable, auditable process by breaking long tasks into smaller, ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
GitHub

Changing Close File Behaviour - UX Issue

This is a UX issue... I think that when you close a file in VS Code, the explorer should just stay where it is until a different file is selected in the tabs. Countless times, I have lost my place in ...
GitHub

Devcontainer creation fails - wrong typescript-node image tag

Cloning a repo into a devcontainer from the command palette and selecting TypeScript & Node with version 24-bookworm produces the following error: Error response from ...