Shalitha Ranathunge/iStock/Getty Images Plus via Getty Images
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
A report found hackers can exploit an autorun feature in Cursor.
The danger is "significant," but there's an easy fix.
Cursor uses AI to assist with code-editing.
A new report has uncovered what it describes as "a critical security vulnerability" in Cursor, the popular AI-powered code-editing platform.
The report, published Wednesday by software company Oasis Security, found that code repositories within Cursor that contain the .vscode/tasks.json configuration can be instructed to automatically run certain functions as soon as the repositories are opened. Hackers could exploit that autorun feature via malware embedded into the code.
Also: I did 24 days of coding in 12 hours with a $20 AI tool - but there's one big pitfall
... continue reading