WHAT ARE YOU LOOKING FOR?

VSCode IDE forks expose users to "recommended extension" attacks

Roger Wilco Vulnerabilities 5 janvier 2026 Affichages : 59

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions. [...]

Pensée du jour :

Ce que l'homme a fait ,

l'homme peut le défaire.

"No secure path in the world"

WHAT ARE YOU LOOKING FOR?

VSCode IDE forks expose users to "recommended extension" attacks

Follow us on

Most popular

AA22-117A: 2021 Top Routinely Exploited Vulnerabilities

AA19-122A: New Exploits for Unsecure SAP Systems

Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)

Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability

Bugtraq: Web Application Firewall bypass via Bluecoat device

Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability

Category

Popular Sections

About