The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.