IDE-SECURITY

30 days · UTC

LIVE_DATA_STREAM // APRIL_14_2026

Synchronizing with global intelligence nodes...

DENSITY_RATIO: MAX

MCP-POWERED CODING AGENTS HIT REAL TOOLING (CHROME DEVTOOLS, ABL IN WINDSURF) AS TYPOSQUATTING TARGETS IDES

MCP-based coding agents are moving into serious dev workflows while IDE extension typosquatting raises fresh supply chain risk. Google’s open-source ...

WINDSURF-EDITOR

MAR_21 // 07:12

Malicious fake Windsurf extension uses Solana blockchain for C2, targets developer credentials

A fake Windsurf IDE extension is stealing developer credentials and using the Solana blockchain for command-and-control.

WINDSURF

MAR_20 // 08:27

Fake Windsurf extension steals developer credentials via Solana-hosted payloads

Attackers shipped a fake Windsurf IDE extension that fetches malware from Solana transactions to exfiltrate developer credentials. Bitdefender detail...

WINDSURF

MAR_19 // 08:35

Malicious Windsurf IDE extension steals dev credentials via Solana; tighten IDE extension hygiene

A fake Windsurf R-language extension used the Solana blockchain to drop a NodeJS stealer that targets developer credentials. Bitdefender found a Wind...