it-daily.net

Cursor: Critical security vulnerability discovered in AI coding tool

Security researchers from Check Point have discovered a serious vulnerability in the popular AI-based developer tool Cursor. The vulnerability allows attackers to permanently inject malicious code ...
CSOonline

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.