What if AI-assisted development is less of a threat, and more of a jetpack? This month’s report tackles vibe coding, along ...

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

A 'type confusion' flaw in Chrome's V8 JavaScript engine can enable a hacker to corrupt the software's memory and execute malicious computer code.

Hackers revive GootLoader with a clever font deception that hides malware in plain sight. Learn how this new visual trick ...

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.

Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which ...

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial ...

"Vibe coding" appeared in early 2025 to describe the simple idea of programming with AI tools. So I tested a range of them — ...

Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor's ...

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities ...