A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...
Tools can help check the accessibility of web applications – but human understanding is required in many areas.
Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...
A VS Code extension that brings spec-driven development to Codex CLI, leveraging the powerful AI capabilities of the VS Code Codex extension. Manage your specs, steering documents, and custom prompts ...
Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Cybersecurity firm LayerX uncovers 17 malicious extensions that can enable click fraud, user tracking, and more. The most popular extension was downloaded more than 500K times.
Track your coding activity automatically and build a comprehensive history of your development journey. This VS Code extension seamlessly records your coding sessions and commits them to a GitHub ...
Another wave of malicious browser extensions capable of tracking user activity have been found across Chrome, Firefox, and ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results