CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...
GitHub

Why does vscode send didOpen/didClose messages when ctrl+hovering over a symbol? #1678

I'd like to better understand what vscode's purpose is in sending this didOpen / didClose pair. They don't provide any information to the client (they're notifications without responses), and they ...
GitHub

Best / most correct way to install Chrome DevTools MCP in VSCode CoPilot #385

I think it's as easy to install through the marketplace as to copy/paste in the one-liner command line execution, so it does not really matter if it's one of the other way, but it's confusing to have ...