SECURITYTHE HACKER NEWS
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
A vulnerability in Cursor allows malicious cloned repositories to trigger Windows code execution by running a file named git.exe in the project root without user prompts or warnings. The binary executes with the user's privileges and continues running as long as the project remains open.
Related Signal