Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder is about to execute.

Whatever that binary does, it does as you, with your source, your SSH keys and your cloud tokens. Cursor keeps re-running it for as long as the project stays open.

No prompt

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries,

Usbliter8: an A12/A13 SecureROM Exploit

Usbliter8: an A12/A13 SecureROM Exploit Source: Hacker News

The Onboarding Password Mistake That Creates Unnecessary Risk

The Onboarding Password Mistake That Creates Unnecessary Risk Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a