米Microsoftは6月9日（現地時間）、すべてのサポート中バージョンのWindowsに対し月例のセキュリティ更新プログラムをリリースした（パッチチューズデー）。現在、「Windows Update」や「Windows Update カタログ」などから入手可能。Windows以外の製品も含め、今月のパッチではCVE番号ベースで208件の脆弱性が新たに対処されている。

VS Code 1.123 adds a two-hour delay before extensions auto-update to newer versions when automatic updates are enabled.

A VS Code exploit for github.dev can steal GitHub OAuth tokens after one malicious link, exposing private repositories while teams await a patch.

With Microsoft's new Dev Configs, a Windows installation becomes a ready-to-use developer workstation with a single command – ...

D Yet another aggrieved bug hunter has leaked a vulnerability affecting a Microsoft product after becoming disillusioned with ...

VS Code flaw exposes GitHub OAuth tokens via one-click attack on GitHub.dev, enabling private repo access and token theft.

Meta’s Rust-powered linter and type checker for Python pairs blazing speed with advanced and innovative features.

Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to supply chain attacks.

GitHub has confirmed an attack via an extension for Visual Studio Code. The stolen data is apparently for sale on a cybercrime forum.

GitHub is investigating a cyberattack linked to a malicious VS Code extension after hackers allegedly accessed thousands of internal repositories and attempted to sell the data online.

Microsoft delivered fixes for issues affecting everything from Windows to Office, .NET, and SQL Server, and several patches that should be deployed ASAP.