Topic: malicious repositories
-
GitHub Flaw: Repositories Can Run Code on Your PC Without Permission
A security flaw in the Cursor extension for Visual Studio Code allows malicious repositories to execute unauthorized code automatically when a project folder is opened, exploiting the autorun feature. This vulnerability enables attackers to steal sensitive data like authentication tokens, tamper ...
Read More » -
Critical Git RCE Flaw (CVE-2025-48384) Actively Exploited by Attackers
A critical Git vulnerability (CVE-2025-48384) allows arbitrary code execution via maliciously crafted submodules, affecting macOS and Linux systems. CISA has confirmed active exploitation and mandated federal agencies to patch by September 15, 2025, with fixed Git versions released on July 8, 202...
Read More »
