Flaws in Popular Software Development App Extensions Allow Data Exfiltration

Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched

Source: https://www.infosecurity-magazine.com/news/vulnerabilities-vs-code-cursor/