Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain ...

Users could be tricked into running arbitrary code, but the issue was patched last week.

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.

Claude Code Security scans entire codebases to find security vulnerabilities and suggests targeted patches.

The new tool, now testing as part of Claude Code, can scan codebases for security vulnerabilities and suggest targeted software fixes for human review.

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...

CleanTalk WordPress plugin vulnerability affecting up to 200,000 sites could lead to remote code execution by unauthenticated attackers.

SecurityBridge today announced the launch of its SecurityBridge Code Vulnerability Analyzer (CVA) powered by AI, a significant enhancement to its holistic SAP security platform. This tool leverages ...