GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Oracle releases Java26, with new Java Verified Portfolio

At the JavaOne conference today, Oracle made a series of announcements related to a new Java Verified Portfolio (JVP) and new JDK Enhancement Proposals (JEPs).

Development Environment: Eclipse IDE 2026-03 enhances Java refactoring

The quarterly release of Eclipse IDE 2026-03 brings some new features alongside bug fixes, such as the Java refactoring function "Convert Class to Record".
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
Infosecurity-magazine.com

Malware Discovered in 19 Visual Studio Code Extensions

A campaign involving 19 Visual Studio (VS) Code extensions that embed malware inside their dependency folders has been uncovered by cybersecurity researchers. Active since February 2025 but identified ...
Bleeping Computer

Glassworm malware returns in third wave of malicious VS Code packages

The Glassworm campaign, which first emerged on the OpenVSX and Microsoft Visual Studio marketplaces in October, is now in its third wave, with 24 new packages added on the two platforms. OpenVSX and ...
CSOonline

Self-propagating worm found in marketplaces for Visual Studio Code extensions

Treat this as an immediate security incident, CISOs advised; researchers say it’s one of the most sophisticated supply chain attacks they’ve seen, and it’s spreading. A month after a self-propagating ...
The Verge

Microsoft favors Anthropic over OpenAI for Visual Studio Code

Visual Studio Code now has a new auto AI model selector that favors Claude 4 over GPT-5. Visual Studio Code now has a new auto AI model selector that favors Claude 4 over GPT-5. is a senior editor and ...
TheServerSide

How to install Visual Studio Code for Java

The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...
The Hacker News

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a ...
Neowin

JetBrains AI Assistant lands on Visual Studio Code as an extension

JetBrains's AI Assistant is no longer limited to its own IDEs. It is now available as an extension for VS Code. JetBrains has now made its AI Assistant available as an extension for Microsoft's ...