'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

The researchers are calling the threat actor WhiteCobra.
SecurityWeek

Details Emerge on Chinese Hacking Operation Impersonating US Lawmaker

A Chinese group has been targeting entities involved in US-China relations, economic policy, and international trade in a ...
The Hacker News

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it.

This 'critical' Cursor security flaw could expose your code to malware - how to fix it

A feature being disabled by default could leave users and their organizations vulnerable to commands that run automatically.