
ZDNET’s key takeaways
- A report found that hackers can exploit an autorun feature in Cursor.
- The risk is "significant," but there's an easy fix.
- Cursor uses AI to assist with code-editing.
A new report has uncovered what it describes as "a critical security vulnerability" in Cursor, the popular AI-powered code-editing platform.
The report, published Wednesday by software company Oasis Security, found that code repositories within Cursor that contain the .vscode/tasks.json configuration could be instructed to automatically run certain functions as soon as the repositories are opened. Hackers could exploit that autorun feature via malware embedded into the code.
"This has the potential to leak sensitive credentials, modify files, or serve as a vector for broader system compromise, placing Cursor users at significant risk from supply chain attacks," Oasis wrote.
While Cursor and other AI-powered coding tools like Claude Code and Windsurf have become popular among software developers, the technology is still fraught with bugs. Replit, another AI coding assistant that debuted its latest agent earlier this week, recently deleted a user's entire database.
The security flaw
According to Oasis' report, the problem is rooted in the fact that Cursor's "Workspace Trust" feature is disabled by default.
Basically, this feature is meant to be a verification step for Cursor users so that they only run code that they know and trust. Without it, the platform will automatically run code that's in a repository, leaving the window open for bad actors to surreptitiously slip in malware that could then jeopardize a user's system and, from there, potentially spread throughout a broader network.
Running code without the Workspace Trust feature could open "a direct path to unauthorized access with an organization-wide blast radius," Oasis said.
In a statement to Oasis that was published in the report, Cursor said that its platform operates with Workspace Trust deactivated by default because it interferes with some of the core automated features that users routinely depend on.
"We recommend either enabling Workspace Trust or using a basic text editor when working with suspected malicious repositories," the company said.
Cursor also told Oasis that it would soon publish updated security guidelines regarding the Workspace Trust feature.
How to stay safe
The solution, then, is to simply enable the Workspace Trust feature in Cursor. To do this, add the following security prompt to settings, and then restart the program:
{
  "security.workspace.trust.enabled": true,
  "security.workspace.trust.startupPrompt": "always"
}
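A complementary check to run on a cloned repository before opening it in the editor, added here as an example and not taken from the Oasis report or Cursor's guidance: it lists tasks in .vscode/tasks.json that are set to run when the folder opens. It assumes the VS Code task schema's `runOptions.runOn` key with the value `folderOpen`, which the article does not spell out; the function names and sample file are constructed for illustration.

```python
import json
from pathlib import Path
# Constructed sample tasks.json, not taken from the Oasis report.
SAMPLE = """{ // comments are legal here, so plain json.loads would reject it
  "tasks": [{"label": "build", "command": "make"},
            {"label": "prep", "command": "sh ./setup.sh",
             "runOptions": {"runOn": "folderOpen"}}]}"""

def strip_jsonc(text):
    """Drop // and /* */ comments that sit outside string literals."""
    out, i, in_str = [], 0, False
    while i < len(text):
        ch = text[i]
        if in_str and ch == "\\":  # keep the escaped character verbatim
            out.append(text[i:i + 2])
            i += 2
            continue
        if not in_str and text.startswith(("//", "/*"), i):
            closer = "\n" if text[i + 1] == "/" else "*/"
            end = text.find(closer, i + 2)
            i = len(text) if end == -1 else end + len(closer.strip())  # "\n" is kept
            continue
        if ch == '"':
            in_str = not in_str
        out.append(ch)
        i += 1
    return "".join(out)

def autorun_tasks(tasks_text):
    """Return (label, command) for each task set to run when the folder opens."""
    try:
        doc = json.loads(strip_jsonc(tasks_text))
    except json.JSONDecodeError:  # e.g. trailing commas: fail closed
        return [("<unparseable>", "review manually")]
    tasks = doc.get("tasks") if isinstance(doc, dict) else None
    hits = []
    for t in tasks if isinstance(tasks, list) else []:
        opts = t.get("runOptions") if isinstance(t, dict) else None
        if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
            hits.append((t.get("label", "<unlabeled>"), t.get("command", "")))
    return hits

def scan_repo(root):
    """Map each .vscode/tasks.json under root to its autorun tasks; runs nothing."""
    scanned = {str(p): autorun_tasks(p.read_text(encoding="utf-8", errors="replace"))
               for p in Path(root).rglob(".vscode/tasks.json")}
    return {path: hits for path, hits in scanned.items() if hits}
if __name__ == "__main__":
    print(autorun_tasks(SAMPLE))
```

Call `scan_repo("path/to/clone")` from a terminal or a plain text editor session; an empty result means no task in the clone is marked to run on folder open, and an unparseable file is reported for manual review rather than skipped.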
ZDNET has reached out to Cursor for further comment.