GitHub confirmed on May 20, 2026 that threat group TeamPCP exfiltrated approximately 3,800 internal repositories after a GitHub employee installed a trojanized Nx Console VS Code extension that was live on the marketplace for just 11 minutes. Stolen credentials include 1Password vaults, Anthropic Claude Code configurations, npm, GitHub, and AWS tokens; TeamPCP is seeking $50,000 for the data on underground forums.
VS Code automatically injects Co-Authored-by: GitHub Copilot into git commits even when users never used Copilot, sparking backlash on Hacker News.
VS Code automatically injects Co-Authored-by: GitHub Copilot into git commits even when users never used Copilot, sparking backlash on Hacker News.
GitHub’s April 8 changelog for Visual Studio Code summarizes Copilot releases v1.111 through v1.115 and shows a stronger shift toward autonomous agent workflows. Key additions include Autopilot in public preview, integrated browser debugging, multimodal chat inputs, and a unified editor for instructions, agents, skills, and plugins.
Ollama said on March 26, 2026 that VS Code now integrates with Ollama via GitHub Copilot. Ollama docs say VS Code 1.113+, GitHub Copilot Chat 0.41.0+, and Ollama v0.18.3+ let users load local or cloud Ollama models into the Copilot model picker, with GitHub Copilot Free sufficient for custom model selection.