网络安全研究人员发现两款伪装成AI编程助手的恶意VS Code插件，总安装量达150万次。这些插件分别是"ChatGPT-中文版"和"ChatGPT-ChatMoss"，功能正常但暗中将用户打开的文件和源代码修改发送至中国服务器。插件还内置实时监控功能，可远程触发窃取工作区文件，并通过隐藏框架加载四个中国数据分析SDK进行设备指纹识别。

The New York Times columnist and Hard Fork podcast co-host might be a little too jazzed about vibecoding. It’s generous of ...

Journalists at the Persian-language TV station Iran International in London have been working flat out, vowing to "show the ...

Omdia research shows 95% of organizations faced browser-based attacks last year. CrowdStrike's CTO and Clearwater Analytics' ...

Yottaa, providers of a cloud platform for e-commerce, has launched a Model Context Protocol (MCP) server to offer artificial intelligence-native access to web performance data for developers, ...

Y Combinator's Garry Tan is reportedly 'addicted' to Anthropic's Claude Code, an AI tool that writes, fixes, and explains ...

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...

A victim would be phished to visit a seemingly benign webpage. It contains no visible malicious code, but once loaded, it ...

Bad news could be a constant in the coming years and markets should, at some point, provide the returns you’d expect in times ...

Koi security researchers found that when NPM installs a dependency from a Git repository, configuration files such as a ...

Opinion AI-integrated development environment (IDE) company Cursor recently implied it had built a working web browser almost ...