Featured, the AI co-pilot for PR, today announced the general availability of its Model Context Protocol (MCP) server, giving PR professionals a way to connect Claude, Cursor, VS Code, and any other ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
VS Code 1.127 enhances agent session management, introduces per-site browser permissions, and makes browser tools for agents ...
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Stop coding without these extensions ...
Google has launched Antigravity 2.0, featuring a standalone IDE, dynamic sub-agents for parallel workflows, and a new SDK for ...
Collabora has released version 26.04 of CODE, the company's web-based office suite. CODE stands for "Collabora Online ...
VS Code’s secret weapons ...
VS Code can use LLM models other than GitHub Copilot’s built-in providers for AI-assisted development, including local and ...
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks. Organizations using vulnerable versions of the Hugging ...
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a ...