
ZDNET’s key takeaways
- A report found hackers can exploit an autorun feature in Cursor.
- The risk is “significant,” but there’s an easy fix.
- Cursor uses AI to assist with code-editing.
A new report has uncovered what it describes as “a critical security vulnerability” in Cursor, the popular AI-powered code-editing platform.
The report, published Wednesday by software company Oasis Security, found that code repositories within Cursor that contain the .vscode/tasks.json configuration can be instructed to automatically run certain functions as soon as the repositories are opened. Hackers could exploit that autorun feature through malware embedded into the code.
“This has the potential to leak sensitive credentials, modify files, or serve as a vector for broader system compromise, placing Cursor users at significant risk from supply chain attacks,” Oasis wrote.
While Cursor and other AI-powered coding tools like Claude Code and Windsurf have become popular among software developers, the technology is still fraught with bugs. Replit, another AI coding assistant that debuted its newest agent earlier this week, recently deleted a company’s entire database.
The security flaw
According to Oasis’ report, the problem is rooted in the fact that Cursor’s “Workspace Trust” feature is disabled by default.
Basically, this feature is meant to be a verification step for Cursor users so that they only run code that they know and trust. Without it, the platform will automatically run code that’s in a repository, leaving the window open for bad actors to surreptitiously slip in malware that could then jeopardize a user’s system — and from there, potentially spread throughout a broader network.
Running code without the Workspace Trust feature could open “a direct path to unauthorized access with an organization-wide blast radius,” Oasis said.
In a statement to Oasis that was published in the report, Cursor said that its platform operates with Workspace Trust disabled by default because it interferes with some of the core automated features that users routinely depend on.
“We recommend either enabling Workspace Trust or using a basic text editor when working with suspected malicious repositories,” the company said.
Cursor also told Oasis that it would soon publish updated security guidelines regarding the Workspace Trust feature.
How to stay safe
The solution, then, is to simply enable the Workspace Trust feature in Cursor. To do this, add the following security prompt to settings, and then restart the program:
{
  "security.workspace.trust.enabled": true,
  "security.workspace.trust.startupPrompt": "always"
}
ZDNET has reached out to Cursor for further comment.