Glassworm returns once again with a third round of VS code attacks

The Visual Studio Marketplace and the Open VSX Registry users are targeted once again with infostealing malware.
CSO Online

RCE flaw in OpenAI’s Codex CLI highlights new risks to dev environments

Researchers found that .env files inside cloned repositories could be used to change the Codex CLI home directory path and ...

Meet OpenCode, a Community-Built Agent That Trims Tokens & Costs

OpenCode adds LSP support, a metrics panel, and new session commands, so developers spot context fast and cut wasted tokens.