News

SecurityWeek2h

Several Vulnerabilities Patched in AI Code Editor Cursor

Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user ...
The Hacker News2d

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.

AI-powered Cursor IDE vulnerable to prompt-injection attacks

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and ...
The Hacker News6d

Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads

In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...