Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
GitHub

CodeCursor (Cursor for Visual Studio Code)

What's Cursor? And Why This Extension? Cursor is an AI code editor based on OpenAI GPT models. You can write, edit, and chat about your code with it. At this time, Cursor is only provided as a ...