Dark Reading

Plug-ins for Code Editors Pose Developer-Security Threat

Vulnerabilities discovered in two plug-ins for Microsoft's popular Visual Studio Code editor could allow an attacker to execute malware by tricking a developer into clicking a link, software security ...
Bleeping Computer

Cursor AI editor lets repos “autorun” malicious code on devices

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. Threat actors can exploit the flaw to drop ...