VS Code flaw lets attackers reuse deleted extension names, enabling ransomware payload delivery and supply chain risks.

OpenAI has updated its Codex AI coding agent with a new VS Code extension, GPT-5 power, and automated GitHub pull request reviews for a unified developer experience.