Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names.
The problem, according to Koi, is that these

Recommended Comments
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.