Forks of VSCode IDEs like Cursor and Google Antigravity recommend non-existent extensions from OpenVSX, risking malware exploitation as attackers can claim unregistered namespaces. Koi Security researchers reported the flaw; Cursor fixed it, and Google removed 13 recommendations. Users should verify extensions directly on OpenVSX to ensure safety.
VSCode IDE Forks Expose Users to “recommended extension” Attacks

