Posts by DevDefender

Look at the last column and your favorite LLM for how likely they are to produce correct code (which for you seems fine), yet insecure code (which is great for attackers); that's from the #baxbench project.

4 weeks ago
DevDefender Security Digest — 2026-03-03
Relevant news, security threats, and vulnerability reports that affect developers, software pipelines, IDEs, and dev environments.

Introducing the DevDefender Security Digest: a collection of relevant news, security threats, and vulnerability reports that affect developers, software pipelines, IDEs, and dev environments.

1 month ago
Relative path traversal in git MCP Server: data exfiltration using 'git_add'
Versions prior to 2026.1.14 of mcp-server-git are vulnerable to data exfiltration through relative path traversal, allowing paths outside the repository to be added to the repo and exfiltrated by committing and pushing the repository.

1 month ago
'Clinejection': spread a payload by opening an issue
There is no foolproof method of preventing all prompt injection attacks, but there are some ways to limit the scope of such an attack. This is not one of those ways.

1 month ago

Shoutout to the @socket.dev team for the incredible report.

1 month ago
SANDWORM_MODE: npm Worm Poisoning AI Toolchains
Socket's Threat Research Team dropped an incredibly detailed report on a Shai-Hulud-like supply chain worm that affects 19+ malicious npm packages. NPM Worm Credential Harvesting From their announc...

SANDWORM_MODE is a supply chain worm that has similarities to Shai-Hulud and poisons AI Agents using an innocuous-looking MCP server installed on the developer machine.

1 month ago
128M Downloads: Four New VSCode Extension Vulnerabilities
OX Security announced four new CVEs on VSCode extensions on February 17, 2026. These four extensions had been downloaded 128M times.

OX Security has found four new vulnerable extensions in VSCode with 128M collective downloads: RCE and remote & local exfil.

1 month ago
Zed LSP Arbitrary Code Execution
A vulnerability in the AI editor Zed allows an attacker to modify the Zed settings.json file to add an arbitrary script as a Language Server Protocol. When the malicious LSP is triggered, the cod...

Zed LSP without Restricted Mode enabled allows a project's settings configuration to load arbitrary code when a repository is opened.

1 month ago
Exploit Cursor Agents to create persistent, distributed threats
Simply opening a folder can give an attacker a foothold into all the code bases a developer maintains.

VSCode, Cursor, and any other editor based on Visual Studio Code are vulnerable to an auto-exec vulnerability that is triggered by a simple, everyday task: opening a folder.

1 month ago

A little #intro - we're building an open-source #EDR for Developers.

The dev environment is getting more and more hostile. We build tools and tutorials to help you defend your code from your own dev environment: #malicious configurations, extensions, and more.

Test our pre-alpha: devdefender.net

1 month ago