Topic: forked software

Sort by: Relevance | Date
  • Beware: VSCode Forks Risk "Recommended Extension" Attacks
    January 7, 2026

    Beware: VSCode Forks Risk "Recommended Extension" Attacks

    A security flaw in popular AI-assisted IDEs (like Cursor and Windsurf) stems from their inherited "recommended extension" lists pointing to Microsoft's marketplace, which they cannot access, leaving unclaimed namespaces vulnerable to malicious takeover on the OpenVSX registry they use instead. Th...

    Read More »

Related Topics

supply chain security (1) threat actors (1) security research (1) extension marketplace (1) vulnerability disclosure (1) malicious extensions (1) user verification (1) ai ides (1)