SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
XDA Developers on MSN

4 VS Code forks built for specific tasks

The classic VS Code is great and all, but these specialized forks are better for certain programming tasks ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
How-To Geek on MSN

Visual Studio Code has new experimental themes and more AI coding features

The January 2026 update has arrived.