
Cursor, a major ‘vibe coding’ platform, converts natural language into working code, offering speed and power while raising new enterprise security concerns. A successful exploit would allow attackers to access sensitive data within the developer environment, including API keys, cloud credentials, and SaaS sessions.
Autorun RCE allows organization-wide compromise
The flaw exists because Cursor ships with Workspace Trust disabled by default, allowing tasks to run automatically without explicit user approval. This allows attackers to prepare such a task in a public repository. “This execution path may allow a malicious repository to compromise a developer’s machine through something as normal as browsing in a project.”
Researchers at Oasis said, “Opening a ready-made scope can execute the command under the current user’s privileges, inheriting file-system, network and credential access.” “Readable environment variables and locally stored secrets (tokens, APIs, configured files) can be cut, making an organization-wide blast radius for unauthorized access.”

