News

Using CodeQL to detect client-side vulnerabilities in web applications

GitHub’s CodeQL is a robust query language originally developed by Semmle that allows you to look for vulnerabilities in the source code ...

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Last week, BleepingComputer reported that researchers discovered two dozen malicious extensions in the Visual Studio ...
GitHub

VSCode Extension regression: testing prompt on Azure OpenAI fails in v0.0.8

When using the Visual Studio POML extension to test a prompt on Azure OpenAI, I now get an AI_APICallError: Resource not found in v0.0.8. Reverting the POML extension to v0.0.7, it magically works ...
GitHub

Support invoking tools from VsCode extensions

This would bring Gemini CLI in VsCode closer to CoPilot in terms of the tools available to it. Extensions can expose any number of useful language model tools in this way. Concretely, the DartCode ...