Default Cursor setting can be exploited to run malicious code on developers’ machines

An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is an AI-augmented fork of Visual Studio Code (VS Code), a code editor developed by Microsoft. VS Code’s Workspace Trust feature is enabled by default, ensuring that when users browse code repositories, no (potentially malicious) code can run automatically in … More →

The post Default Cursor setting can be exploited to run malicious code on developers’ machines appeared first on Help Net Security.