-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

Cursor | Breaking Cybersecurity News | The Hacker News

Category — Cursor
Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

7月 01, 2026 AI Coding / Vulnerability
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them DuneSlide . They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3 under the newer CVSS 4.0 scale). The fix is already out. Both bugs are patched in Cursor 3.0, released April 2, and every version before 3.0 is affected. Cursor's maker says more than half the Fortune 500 use the tool, so if you run it, update now. What the sandbox was for, and how it broke Starting in the 2.x line, Cursor runs the terminal commands its AI agent issues inside a sandbox by default: a locked box that limits what those commands can touch, so a stray instruction cannot wreck the machine. DuneSlide is about getting out of that box. The way in is prompt injection . The attacke...
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

8月 05, 2025 AI Security / MCP Protocol
Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications to Model Context Protocol (MCP) server configurations. "A vulnerability in Cursor AI allows an attacker to achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine," Cursor said in an advisory released last week. "Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt." MCP is an open-standard developed by Anthropic that allows large language mode...
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

3月 18, 2025 AI Security / Software Security
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. "This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent configuration files used by Cursor and GitHub Copilot," Pillar security's Co-Founder and CTO Ziv Karliner said in a technical report shared with The Hacker News. "By exploiting hidden unicode characters and sophisticated evasion techniques in the model facing instruction payload, threat actors can manipulate the AI to insert malicious code that bypasses typical code reviews." The attack vector is notable for the fact that it allows malicious code to silently propagate across projects, posing a supply chain risk. The crux of the attack hinges on the rules files that are used ...
cyber security

The Systems That Power America Are Under Threat. Is Your ICS/OT Program Ready?

websiteSANS InstituteCritical infrastructure / Webinar
Discover where federal ICS programs are most exposed and what closing the skills gap requires in practice.
cyber security

Inside Device Code Phishing: Live Demos, Real Kits, and What's Next

websitePush SecurityPhishing Attack / Webinar
Device code attacks are up 37x this year, with 18+ kits in the wild. Now available on-demand.
Expert Insights Articles Videos
Cybersecurity Resources