www.darkreading.com 7/15/2026, 1:24:40 PM · external

Cursor AI flaw lets hackers run commands via two click attack

Cursor AI flaw lets hackers run commands via two click attack
CyberSIXT Evidence Panel
Primary Source adversa.ai

THE article discusses a security vulnerability in Cursor AI, an AI coding tool used by developers. Researchers revealed that malicious actors can exploit this 2-click vulnerability to execute arbitrary commands on developers' environments by disguising their actions in the software's interface. This flaw puts not just the individual developers at risk, but potentially the entire organizations that utilize Cursor, given its massive user base among enterprises.

The piece emphasizes the need for improved security measures such as allowlisting approved servers and tightening MCP server security protocols. Adversa AI has filed reports regarding these vulnerabilities, and while Cursor AI is investigating the matter, the risks posed by these vulnerabilities highlight broader concerns in AI coding environments and their unique security challenges.

View Primary Source Via www.darkreading.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline