IDE
Flaws in popular VSCode extensions expose developers to attacks
Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local files and execute code remotely. The security issues impact Code Runner (CVE-2025-65715), Markdown Preview Enhanced (CVE-2025-65716), Markdown Preview Enhanced (CVE-2025-65717), and Microsoft Live Preview (no identifier assigned). Researchers at […]
VSCode IDE forks expose users to “recommended extension” attacks
Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions. These AI-assisted IDEs are forked from Microsoft VSCode, but cannot use the extensions in the official store due to licensing restrictions. […]
Malicious VSCode Marketplace extensions hid trojan in fake PNG file
A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. The malicious activity was uncovered recently, and security researchers found that the operator used a malicious file posing as a .PNG image. The VSCode Market is Microsoft’s official extensions portal for the widely used […]
Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities
The latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine. An estimated 1.8 million developers, the userbase for the two IDEs, are exposed to the risks. Ox Security researchers explain that both development environments are built on old software […]
AI-powered Cursor IDE vulnerable to prompt-injection attacks
A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. The security issue is now identified as CVE-2025-54135 and can be leveraged by feeding the AI agent a malicious prompt to trigger attacker-control commands. The Cursor […]
Malicious VSCode extension in Cursor IDE led to $500K crypto theft
A fake extension for the Cursor AI IDE code editor infected devices with remote access tools and infostealers, which, in one case, led to the theft of $500,000 in cryptocurrency from a Russian crypto developer. Cursor AI IDE is an AI-powered development environment based on Microsoft’s Visual Studio Code. It includes support for Open VSX, an alternative […]