GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
腾讯网

微软加速VS Code开发,改为每周更新模式

微软宣布将加快其Visual Studio Code更新交付的步伐。自去年夏天以来,微软一直保持每月发布更新的节奏,每次发布包含三到四个补丁和新功能,但从3月9日开始,更新将改为每周发布一次,该消息已在GitHub上正式宣布。
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
腾讯网

Visual Studio Code 1.110发布,预览智能体插件功能

微软发布了Visual Studio Code 1.110,这是备受欢迎的代码编辑器的一次重要更新。该公司表示,此次更新通过为开发者提供扩展智能体的新方式、更智能的会话管理以及更好的可见性和控制能力,使智能体能够胜任长期运行和更复杂的任务。
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...
How-To Geek on MSN

This IDE actually made me a better programmer

One IDE to rule them all. You won't want to use anything else.
InfoQ中国 on MSN

Cloudflare:我们如何用 OpenCode 和 Claude,在一周内重构 Next.js

上周,一名工程师从零开始,用 AI 模型重构了当下最流行的前端框架,最终得到了 vinext(读作“vee-next”)。它可作为 Next.js 的即插即用替代方案,基于 Vite 构建,仅需一条命令就能部署到 Cloudflare Workers。在初步基准测试中,生产环境应用的构建速度最高提升 4 倍,客户端打包体积最高减小 ...