Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Two zero-day flaws in the form of a denial of service (DoS) issue in .NET and an elevation of privilege (EoP) issue in SQL Server top the agenda for security teams in Microsoft’s latest monthly Patch ...
Post and Courier

Bartenders, servers get extension for mandatory alcohol training needed under SC insurance reform

COLUMBIA — The S.C Department of Revenue is extending the deadline for the state’s hospitality workers to complete a new mandatory alcohol server training created under last year’s liquor liability ...
Visual Studio Magazine

Hands On: Building an MCP Server with VS Code AI Toolkit's New Tool Catalog

Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...
CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Bleeping Computer

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
winbuzzer.com

Malicious VS Code Extensions Steal Code from 1.5M Developers

Security researchers revealed two malicious VS Code extensions exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million developers to servers in China while masquerading as AI ...
IEEE

Protect Your Secrets: Understanding and Measuring Data Exposure in VSCode Extensions

Abstract: Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer ...
Redmond Magazine

Microsoft Ignite 2025: SQL Server 2025 Is Here

With the official release of Microsoft's latest database offering, let's see what was improved and what still needs some work. Today, at Ignite, Microsoft announced the general availability of SQL ...
CSOonline

Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace

A suspicious Visual Studio Code extension with file-encrypting and data-stealing behavior successfully bypassed marketplace review and entered the developer ecosystem. In a suspected test effort, ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex's John Tuckner, the extension ...
Bleeping Computer

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...
Visual Studio Magazine

Implementing Azure Arc for SQL Server

Managing SQL Server across hybrid and multi-cloud environments has long posed a challenge for database administrators. With data sprawled across on-premises infrastructure, cloud platforms, and edge ...