News

Infosecurity Magazine

Cursor Autorun Flaw Lets Repositories Execute Code Without Consent

A newly disclosed flaw in the Cursor extension allows repositories to automatically execute code when a folder is opened, ...
CSO Online

Cursor’s autorun lets hackers execute arbitrary code

By default, malicious repositories run automatically when a folder is opened, putting developer machines and sensitive ...
ZDNet

Researcher issues Oracle DB 'cursor injection' warning

David Litchfield's ongoing assault on Oracle databases has unearthed a new method of exploiting PL/SQL injection vulnerabilities. Litchfield, co-founder and managing director at NGSS (Next Generation ...
heise online

MCPoison: Vulnerability in Cursor IDE – Execute arbitrary code via MCP

Due to a lack of security checks, attackers can change MCP configurations in the Cursor IDE to execute arbitrary code. In the case of the vulnerability named MCPoison by the security analysts, which ...