CI/CD Poisoning

• 'Clinejection': spread a payload by opening an issue

Show more →

DevDefender File Watcher

• Download v0.2

Show more →

Extension Vulnerabilities

• 128M Downloads: Four VSCode Extension Vulnerabilities

Show more →

IDE Vulnerabilities: Config Poisoning

• Zed LSP Arbitrary Code Execution

Show more →

MCP Vulnerabilities

• Relative path traversal in git MCP Server: data exfiltration using 'git_add'

Show more →

PoC Exploits

• Exploit Cursor Agents to create persistent, distributed threats

Show more →

Supply Chain Vulnerabilities

• SANDWORM_MODE: npm Worm Poisoning AI Toolchains

Show more →