'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

This 'critical' Cursor security flaw could expose your code to malware - how to fix it

A feature being disabled by default could leave users and their organizations vulnerable to commands that run automatically.
The Hacker News

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it.
InfoQ

Visual Studio Code Server Now Available in Private Preview

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSO Online

Cursor’s autorun lets hackers execute arbitrary code

By default, malicious repositories run automatically when a folder is opened, putting developer machines and sensitive ...