'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

Latest Visual Studio Code Update Makes You Code Smarter, Not Harder

Unleash smarter coding with Visual Studio Code’s latest update featuring AI integration, customizable tools, and workflow ...

This 'critical' Cursor security flaw could expose your code to malware - how to fix it

A feature being disabled by default could leave users and their organizations vulnerable to commands that run automatically.
The Hacker News

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it.
CSO Online

Cursor’s autorun lets hackers execute arbitrary code

By default, malicious repositories run automatically when a folder is opened, putting developer machines and sensitive ...