The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

GoodData Announces Launch of MCP Server to Let AI Execute Analytics End-To-End

Combining MCP, analytics-as-code, and LLMs to automate analytics execution at software speed SAN FRANCISCO, CALIFORNIA ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

Kilo launches AI-powered Slack bot that ships code from a chat message

Kilo Code, an open-source AI coding startup backed by GitLab cofounder Sid Sijbrandij, launched Kilo for Slack to turn Slack ...

Claude Code costs up to $200 a month. Goose does the same thing for free.

Goose, Block’s open-source AI coding agent, is emerging as a free alternative to Anthropic’s Claude Code, as developers weigh offline control, rate limits, and the rising cost of AI coding tools.
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.

This open-source AI tool makes Google Assistant look obsolete

OpenClaw shows what happens when an AI assistant gets real system access and starts completing tasks, over just answering ...
DATAQUEST

Anthropic debuts Claude Interactive for real-time collaborative work

Anthropic debuts Claude Interactive, a live workspace for real-time code execution, data visualisation, and document editing ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
Visual Studio Magazine

What a Difference a VS Code Fork Makes: Antigravity, Cursor and Windsurf Compared

VS Code forks like Cursor, Windsurf, and Google Antigravity may share a common foundation, but hands-on testing shows they ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...