'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

This 'critical' Cursor security flaw could expose your code to malware - how to fix it

A feature being disabled by default could leave users and their organizations vulnerable to commands that run automatically.
The Hacker News

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to safely browse and edit code regardless of where it came from or who wrote it.

VSCode market struck by huge influx of malicious WhiteCobra extensions - so be warned

Last week, BleepingComputer reported that researchers discovered two dozen malicious extensions in the Visual Studio ...