Company
Date Published
Author
Thomas Chauchefoin, Paul Gerste
Word count
3389
Language
English
Hacker News points
None

Summary

The authors of this publication presented their research on the security of Visual Studio Code (VSCode), a popular code editor, at DEF CON 31. They found several attack surfaces in VSCode's architecture and identified vulnerabilities in several areas: exposed network services, protocol handlers, workspace settings and local data, workspace trust, and Cross-Site Scripting (XSS). The authors highlighted the importance of security in developer tools and emphasized that many tools are not built with security in mind. They also discussed their experience reporting vulnerabilities to Microsoft's Security Response Center and noted that even built-in extensions can be out of scope for bug bounty awards. The publication aims to educate users about the risks associated with VSCode and to provide guidance on how they can protect themselves.