Microsoft VS Code Live Preview fix in version 0.4.16
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft's VS Code 0.4.16 quietly fixed a Microsoft Live Preview flaw that could expose developer files when the extension was running. The update closes one exploitable path tied to malicious websites and localhost requests.
Related Happenings
Amazon security patch release for CVE-2026-50549
Security Patch Release
H score29
First: 09.07.2026 14:00
Last: 09.07.2026 14:00
Sources 1
About this happening:
**Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...
Amazon security patch release for CVE-2026-50549
Security Patch ReleaseAbout this happening: **Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/Service
H score10
First: 08.06.2026 09:08
Last: 08.06.2026 09:08
Sources 1
About this happening:
**Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/ServiceAbout this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
GlassWorm v2 cloned VS Code extension loaders
Malware Activity
H score30
First: 27.04.2026 14:23
Last: 27.04.2026 14:23
Sources 1
About this happening:
The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...
GlassWorm v2 cloned VS Code extension loaders
Malware ActivityAbout this happening: The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...
Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update
Security Patch Release
H score36
First: 16.04.2026 23:19
Last: 16.04.2026 23:19
Sources 1
About this happening:
**Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...
Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update
Security Patch ReleaseAbout this happening: **Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...
GlassWorm open-source supply-chain campaign targeting developers
Campaign
H score46
First: 14.03.2026 14:55
Last: 14.03.2026 14:55
Sources 1
About this happening:
The **GlassWorm** campaign has added a new **Open VSX** wave of **73 cloned VS Code extensions** that impersonate legitimate packages to build trust before delivering malware. **S...
GlassWorm open-source supply-chain campaign targeting developers
CampaignAbout this happening: The **GlassWorm** campaign has added a new **Open VSX** wave of **73 cloned VS Code extensions** that impersonate legitimate packages to build trust before delivering malware. **S...
Latest development: 17.03.2026 23:42
GlassWorm renewed its supply-chain campaign against GitHub, npm, and VSCode/OpenVSX, with researchers identifying 433 compromised components this month across 200 GitHub Python repositories, 151 GitHub JS/TS repositories, 72 VSCode/OpenVSX extensions, and 10 npm packages. The operators compromised GitHub accounts to force-push malicious commits, published obfuscated code using invisible Unicode characters, and used Solana blockchain transactions as C2 to deliver a Node.js runtime and a JavaScript-based information stealer that targets cryptocurrency wallet data, credentials, access tokens, SSH keys, and developer environment data.
Timeline
-
19.02.2026 12:45 2 articles · 4mo ago
Microsoft VS Code Live Preview fix in version 0.4.16
Initial DisclosureIn **September 2025**, Microsoft shipped **VS Code 0.4.16** and quietly removed the **Microsoft Live Preview** flaw. The change closed a path that could expose files from **developer machines** when the extension was active.
Show sources
- Flaws in Popular Software Development App Extensions Allow Data Exfiltration — www.infosecurity-magazine.com — 19.02.2026 12:45
- Flaws in Popular Software Development App Extensions Allow Data Exfiltration — www.infosecurity-magazine.com — 19.02.2026 12:45