Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Visual Studio Magazine

VS Code 1.122 Lets BYOK Work Without GitHub Sign-In

Microsoft's May 2026 VS Code update makes BYOK usable in restricted environments while adding agent, browser and issue-reporting updates.
GitHub

coffeegrind123/gemini-for-claude-code

This server acts as a bridge, enabling you to use Claude Code with Google's powerful Gemini models. It translates API requests and responses between the Anthropic format (used by Claude Code) and the ...
DataBreachToday

Microsoft Code Editor Flaw Lets Attackers Hijack Developer PCs

Microsoft patched a high-severity flaw in Visual Studio Code after researchers found attackers could hide malicious settings ...