
Microsoft VS Code Live Preview fix in version 0.4.16

Security Patch Release
Happening score: 20
1 unique source, 1 article

Summary


Microsoft's VS Code 0.4.16 quietly fixed a Microsoft Live Preview flaw that could expose developer files when the extension was running. The update closes one exploitable path tied to malicious websites and localhost requests.

Related Happenings

GlassWorm v2 cloned VS Code extension loaders

Malware Activity
First: 27.04.2026 14:23 Last: 27.04.2026 14:23 Sources 1

About this happening: The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...

Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update

Security Patch Release
First: 16.04.2026 23:19 Last: 16.04.2026 23:19 Sources 1

About this happening: **Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...

GlassWorm open-source supply-chain campaign targeting developers

Campaign
First: 14.03.2026 14:55 Last: 14.03.2026 14:55 Sources 1

About this happening: The **GlassWorm** campaign has added a new **Open VSX** wave of **73 cloned VS Code extensions** that impersonate legitimate packages to build trust before delivering malware. **S...

Latest development: 17.03.2026 23:42

GlassWorm renewed its supply-chain campaign against GitHub, npm, and VSCode/OpenVSX, with researchers identifying 433 compromised components this month across 200 GitHub Python repositories, 151 GitHub JS/TS repositories, 72 VSCode/OpenVSX extensions, and 10 npm packages. The operators compromised GitHub accounts to force-push malicious commits, published obfuscated code using invisible Unicode characters, and used Solana blockchain transactions as C2 to deliver a Node.js runtime and a JavaScript-based information stealer that targets cryptocurrency wallet data, credentials, access tokens, SSH keys, and developer environment data.

Microsoft security patch release for CVE-2026-21262

Security Patch Release
First: 10.03.2026 19:49 Last: 10.03.2026 19:49 Sources 1

About this happening: **Microsoft's March 2026 Patch Tuesday** delivers fixes for **79 flaws**, including **2 publicly disclosed zero-days** and several **Critical** issues across **SQL Server**, **.NE...

Cline CLI compromised token mitigation

Advisory/Mitigation
First: 20.02.2026 16:20 Last: 20.02.2026 16:20 Sources 1

About this happening: Cline maintainers released **version 2.4.0** to contain the **unauthorized npm publication** of **[email protected]**, which had been pushed with a **compromised publish token**. They a...

Timeline

  1. 19.02.2026 12:45 2 articles · 3mo ago

    Microsoft VS Code Live Preview fix in version 0.4.16

    Initial Disclosure

    In **September 2025**, Microsoft shipped **VS Code 0.4.16** and quietly removed the **Microsoft Live Preview** flaw. The change closed a path that could expose files from **developer machines** when the extension was active.
