A malicious campaign used 19 Visual Studio Code extensions to hide malware, often by embedding a tampered npm package or…
Read More »developer security
A zero-day vulnerability in AI coding tools (e.g., Cursor, Windsurf) exposed developers to machine hijacking via compromised extensions, with attackers…
Read More »