VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...
CSOonline

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
SDxCentral

Oracle Database MCP integration opens up AI-driven database access

Oracle integrated model context protocol (MCP) into its Database platform, bringing AI-based remote database interaction into network environments. According to an Oracle blog published this week, ...