Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Visual Studio Magazine

Claude Code Edges OpenAI's Codex in VS Code's Agentic AI Marketplace Leaderboard

Claude Code has pulled ahead of OpenAI's Codex in VS Code Marketplace adoption metrics for tools tagged with 'agent,' just one way to judge these tools for your particular needs in this rapidly ...
Visual Studio Magazine

VS Code v1.110 Insiders: AI Agents Gain Native Browser Access and Global Instructions

The VS Code 1.110 cycle is putting more 'hands-on' capabilities into chat, led by native browser integration that lets AI agents interact with page elements, capture screenshots, and pull real-time ...

Update Chrome ASAP to Patch This High-Severity Security Flaw

Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Google Chrome ships WebMCP in early preview, turning every website into a structured tool for AI agents

Google and Microsoft's new WebMCP standard lets websites expose callable tools to AI agents through the browser — replacing ...
How-To Geek on MSN

Update Google Chrome now to fix this zero-day vulnerability

The issue allowed attackers to "execute arbitrary code inside a sandbox".