Bleeping Computer

Cursor AI editor lets repos “autorun” malicious code on devices

A weakness in the Cursor code editor exposes developers to the risk of automatically executing tasks in a malicious repository as soon as it’s opened. Threat actors can exploit the flaw to drop ...
CSOonline

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
GeekWire

‘Massive productivity booster’: Seattle developers on how Cursor is changing the way they code

GeekWire chronicles the Pacific Northwest startup scene. Sign up for our weekly startup newsletter, and check out the GeekWire funding tracker and VC directory. by Taylor Soper on Jun 25, 2025 at 8:20 ...