The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.
Visual Studio Magazine

VS Code Expands AI Flexibility with Bring Your Own Key

Microsoft expanded model choice in VS Code with Bring Your Own Key (BYOK), enabling developers to connect models from any provider and manage them through a new extensible API.
CSO Online

Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server

Best practices include a focus on hardening user authentication and access, ensuring strong network encryption, and minimizing application attack surfaces.