The Java ecosystem has historically been blessed with great IDEs to work with, including NetBeans, Eclipse and IntelliJ from JetBrains. However, in recent years Microsoft's Visual Studio Code editor ...

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

At the JavaOne conference today, Oracle made a series of announcements related to a new Java Verified Portfolio (JVP) and new JDK Enhancement Proposals (JEPs).

As is customary during its JavaOne conference, Oracle is releasing a new version of Java. Today, it’s all about Java 26. The ...

JavaOne Oracle has shipped Java 26, a short-term release, and introduced Project Detroit, which promises faster interop between Java, JavaScript, and Python. Java 26 will be supported for just six ...

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...

Security researchers revealed two malicious VS Code extensions exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million developers to servers in China while masquerading as AI ...

The Copilot Studio extension for Visual Studio Code is now generally available, allowing agents to be developed and managed directly from the editor. The extension enables software-style workflows for ...

A new VS Code extension called Nogic visualizes codebases as interactive graphs and drew strong interest on Hacker News. Commenters praised the concept for understanding large or unfamiliar codebases, ...

In December 2025, the GlassWorm supply chain malware campaign emerged again, affecting both the Microsoft Visual Studio Marketplace and Open VSX platforms. This episode involved 24 extensions posing ...