News

'WhiteCobra' floods VSCode market with crypto-stealing extensions

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

VSCode extensions pulled over security risks, but millions of users have already installed

Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly pulled them and notifies users ...
GIGAZINE1y

A report that a fake VSCode extension was created and downloaded and that a flaw in the VSCode extension system that makes it easy to insert malicious code was also revealed

Microsoft's text editor 'Visual Studio Code (VSCode)' allows you to add functions and customize the appearance by introducing extensions. Security researchers released 'fake extensions that insert ...

Cursor AI editor lets repos “autorun” malicious code on devices

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious ...
GIGAZINE2mon

VSCan can detect malicious VSCode extensions

A free diagnostic tool called ' VSCan ' has been released that checks the code of extensions released for Visual Studio Code (VScode) and checks for security issues. Enter the extension's name or ID ...
insideHPC2y

Metabob Launches New AI Generative VSCode Extension

PALO ALTO, Calif. – May 4, 2023 – Metabob announced today a new artificial intelligence (AI)-powered virtual studio code (VSCode) extension for its debugging and refactoring tool that the company says ...
CSOonline2mon

Verified, but vulnerable: Malicious extensions exploit IDE trust badges

Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” ...

Endpoint cybersecurity firm Koi raises $48M to stop attacks against enterprise networks

Koi Security Inc., a startup providing cybersecurity for enterprise endpoints, announced Wednesday it raised $48 million in ...