The Hacker News

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

When AI Writes Code, Who Protects Production Systems?

To operate safely at higher development velocity, organizations must embed reliability guardrails directly into their ...
SecurityWeek

VS Code Vulnerability Allows One-Click GitHub Token Theft

A researcher has disclosed details of a severe VS Code vulnerability that can be exploited to steal GitHub tokens and access ...
SecurityWeek

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.