The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...
Visual Studio Magazine

Copilot Studio Extension for VS Code Goes GA

Microsoft has released the Copilot Studio extension for Visual Studio Code to general availability, enabling teams to build, ...

New GlassWorm attack targets macOS via compromised OpenVSX extensions

A new GlassWorm malware attack through compromised OpenVSX extensions focuses on stealing passwords, crypto-wallet data, and developer credentials and configurations from macOS systems.
GitHub

WayLog - Save & Export AI Chat History

WayLog is a free, open-source, local-first extension that turns your fleeting AI conversations into a permanent, git-friendly knowledge base. Stop losing valuable context when you switch IDEs or close ...
GitHub

Git Flow Integration for Intellij

An intelliJ plugin providing a UI layer for git-flow, which in itself is a collection of Git extensions to provide high-level repository operations for Vincent Driessen's branching model. This plugin ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, ...