Fake Solidity VSCode extension on Open VSX backdoors developers

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.
The Hacker News

⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

Active WSUS exploits, LockBit 5.0’s comeback, a Telegram backdoor, and F5’s hidden breach — this week’s biggest cyber threats ...
IEEE

The Impact of Prompt Programming on Function-Level Code Generation

Abstract: Large Language Models (LLMs) are increasingly used by software engineers for code generation. However, limitations of LLMs such as irrelevant or incorrect code have highlighted the need for ...
theregister

Devs are writing VS Code extensions that blab secrets by the bucketload

Developers of VS Code extensions are leaking sensitive secrets left, right and center, according to researchers who worked with Microsoft to combat an issue that could have led to some nasty supply ...
GitHub

[Bug] Most build-in Slash Commands Not Working in VS Code Extension 2.0.x

After updating to Claude Code extension 2.0.x (now on 2.0.5 ) in VS Code, most built-in slash commands no longer work. For example, when I type /help or /rewind in the Claude input box, I only see “no ...
GitHub

Incompatibility with Microsoft.Azure.WebJobs.Extensions.OpenApi

At the moment, the in-processs 4.2.0 version is not compatible with Microsoft.Azure.WebJobs.Extensions.OpenApi 1.5.1. The reason being that apparently the functions registered by the OpenApi assembly ...