Security · 1h ago
Cursor IDE Flaw Allows Auto-Execution of Malicious Code
Researchers discovered a vulnerability in Cursor IDE that auto-executes malicious code from poisoned repositories. Reported in December, the flaw remains unpatched, enabling supply-chain attacks. Users risk compromise when opening untrusted repos.
Meridian48 take
Cursor's slow response to a critical security flaw in a developer tool raises questions about AI coding platform accountability.
cursor-idesupply-chain-attack