Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.

If you find any work missing or have any suggestions (papers, implementations, and other resources), feel free to pull requests. We will add the missing papers to this repo as soon as possible. You ...

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

As part of the infamous Contagious Interview campaign, North Korean threat actors were seen abusing legitimate Microsoft Visual Studio Code in their attacks.

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

The Copilot Studio extension lets developers use any VS Code-compatible AI assistant to develop AI agents, then sync with ...

🕹️ Try and Play with VAR! We provide a demo website for you to play with VAR models and generate images interactively. Enjoy the fun of visual autoregressive modeling! We provide a demo website for ...