CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Stop coding without these extensions ...
A VS Code extension that brings spec-driven development to Codex CLI, leveraging the powerful AI capabilities of the VS Code Codex extension. Manage your specs, steering documents, and custom prompts ...
VS Code extension for the Inspect framework for large language model evaluations. This extension provides support for developing evaluations using Inspect, including: The inspect view command is used ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results