Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft VS Code Live Preview fix in version 0.4.16

Security Patch Release
First reported
Last updated
Happening score
H score 64
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft's VS Code 0.4.16 quietly fixed a Microsoft Live Preview flaw that could expose developer files when the extension was running. The update closes one exploitable path tied to malicious websites and localhost requests.

Related Happenings

Amazon security patch release for CVE-2026-50549

Security Patch Release
H score29 First: 09.07.2026 14:00 Last: 09.07.2026 14:00 Sources 1

About this happening: **Amazon, Google and Cursor** shipped fixes for **GhostApproval**, a flaw in AI coding assistants that let deceptive repository paths bypass approval prompts. The patch response c...

Visual Studio Code adds two-hour delay for automatic extension updates

Security Tool/Service
H score10 First: 08.06.2026 09:08 Last: 08.06.2026 09:08 Sources 1

About this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...

GlassWorm v2 cloned VS Code extension loaders

Malware Activity
H score30 First: 27.04.2026 14:23 Last: 27.04.2026 14:23 Sources 1

About this happening: The **GlassWorm v2** malware activity now uses **cloned VS Code extensions** on **Open VSX** to deliver payloads that steal credentials, deploy a **RAT**, and spread across multip...

Microsoft Defender BlueHammer (CVE-2026-33825) Patch Tuesday update

Security Patch Release
H score36 First: 16.04.2026 23:19 Last: 16.04.2026 23:19 Sources 1

About this happening: **Microsoft** shipped a **Patch Tuesday** fix for **CVE-2026-33825**, a **Microsoft Defender** local-privilege-escalation flaw that can lead to **SYSTEM** access. The update narro...

GlassWorm open-source supply-chain campaign targeting developers

Campaign
H score46 First: 14.03.2026 14:55 Last: 14.03.2026 14:55 Sources 1

About this happening: The **GlassWorm** campaign has added a new **Open VSX** wave of **73 cloned VS Code extensions** that impersonate legitimate packages to build trust before delivering malware. **S...

Latest development: 17.03.2026 23:42

GlassWorm renewed its supply-chain campaign against GitHub, npm, and VSCode/OpenVSX, with researchers identifying 433 compromised components this month across 200 GitHub Python repositories, 151 GitHub JS/TS repositories, 72 VSCode/OpenVSX extensions, and 10 npm packages. The operators compromised GitHub accounts to force-push malicious commits, published obfuscated code using invisible Unicode characters, and used Solana blockchain transactions as C2 to deliver a Node.js runtime and a JavaScript-based information stealer that targets cryptocurrency wallet data, credentials, access tokens, SSH keys, and developer environment data.

Timeline

  1. 19.02.2026 12:45 2 articles · 4mo ago

    Microsoft VS Code Live Preview fix in version 0.4.16

    Initial Disclosure

    In **September 2025**, Microsoft shipped **VS Code 0.4.16** and quietly removed the **Microsoft Live Preview** flaw. The change closed a path that could expose files from **developer machines** when the extension was active.

    Show sources