The Hacker News

Microsoft Fixes One-Click GitHub Dev Attack That Let Attackers Steal OAuth Tokens

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.
Analytics India Magazine

Just How Easy is it to Publish Malicious Extension on VSCode?

Israeli researchers demonstrated that publishing malicious VSCode extensions can be done in just 30 minutes. Over 1,280 malicious extensions exist on VSCode, accumulating 229 million installations.
GitHub

Javascript Debug Terminal not debugging

Does this issue occur when all extensions are disabled?: Yes/No Not possible to test - JavaScript debug terminal is not an option in bisect mode. VS Code Version ...
GitHub

Can't debug TypeScript/JavaScript VS Code extensions with Insiders

Open a TypeScript/JavaScript project that is configured to debug with the extensionHost. I'm using https://github.com/microsoft/vscode-cpptools. Bug: There's no ...
IEEE

Analyzing Information Flow in JavaScript-Based Browser Extensions

Abstract: JavaScript-based browser extensions (JSEs) enhance the core functionality of Web browsers by improving their look and feel, and are widely available for commodity browsers. To enable a rich ...
Visual Studio Magazine

VS Code Previews JavaScript Debugger, Search Editor, Timeline View, More

The January 2020 update of Visual Studio Code, v1.42, is out with a bunch of new features and previews of an upcoming JavaScript debugger, Search editor, Timeline view and more. "Preview features are ...