Bleeping Computer

AI-powered Cursor IDE vulnerable to prompt-injection attacks

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. The ...
Bleeping Computer

Cursor AI editor lets repos “autorun” malicious code on devices

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. Threat actors can exploit the flaw to drop ...