Microsoftは2月24日（現地時間）、Visual Studio 2026 Stable Channel向けに2月のアップデート（18.3）内容まとめを同社ブログ内で紹介した。今月のアップデートでは、AI支援、デバッグ、テスト、コードモダナイゼーションの強化が主な焦点となっている。

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

All of the execution paths identified by its research team are designed to trigger during the Next.js devs' normal working ...

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

OX SecurityはVS Code用の拡張機能4件に重大な脆弱性を確認した。Live Serverなどに遠隔ファイル流出やRCEの恐れがあり、Cursorなどにも影響する。開発環境の防御は急務であり、審査制度の整備を提言している。

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Microsoft is previewing an open-source command-line tool designed to speed up Windows application development, testing, and delivery.

CERT-In has issued a high-risk security warning for Google Chrome users who are using the browser on Windows, macOS, and Linux. The warning flags critical vulnerabilities which if exploited by hackers ...