CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Stop coding without these extensions ...
A VS Code extension that brings spec-driven development to Codex CLI, leveraging the powerful AI capabilities of the VS Code Codex extension. Manage your specs, steering documents, and custom prompts ...
VS Code extension for the Inspect framework for large language model evaluations. This extension provides support for developing evaluations using Inspect, including: The inspect view command is used ...
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...