Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to ...

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...

A newly disclosed flaw in the Cursor extension allows repositories to automatically execute code when a folder is opened, ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious ...

Research by a U.S. security firm points to the country’s leading player in AI providing higher-quality results for some ...

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

A feature being disabled by default could leave users and their organizations vulnerable to commands that run automatically.

The DevOps company's new tool promises to streamline how developers manage software built with artificial intelligence assistance—but it's entering a crowded field.

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were ...

By default, malicious repositories run automatically when a folder is opened, putting developer machines and sensitive ...