cognitive cybersecurity intelligence

News and Analysis

Search

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution


Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder is about to execute.

Whatever that binary does, it does as you, with your source, your SSH keys and your cloud tokens. Cursor keeps re-running it for as long as the project stays open.

No prompt

Source: thehackernews.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts