An unpatched vulnerability in Cursor on Windows could allow attackers to achieve code execution via malicious repositories.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.