SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Visual Studio Magazine

VS Code 1.109 Deemed a Multi-Agent Development Platform

The January 2026 release of Visual Studio Code expands AI-assisted development with structured planning agents, parallel ...
Visual Studio Magazine

Hands On with New Multi-Agent Orchestration in VS Code

A proof of concept shows how multi-agent orchestration in Visual Studio Code 1.109 can turn a fragile, one-pass AI workflow into a more reliable, auditable process by breaking long tasks into smaller, ...

GitHub Copilot adds GPT-5.3-Codex with 25% faster performance for agentic tasks

Codex. Pro and Enterprise users gain 25% faster agentic task performance. Learn how to enable it today. GitHub has announced ...