MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
code
Recherche

Vibe coding tool Cursor's MCP implementation allows persistent code execution

mercredi 6 août 2025, 01:28 , par TheRegister
More evidence that AI expands the attack surface
Check Point researchers uncovered a remote code execution bug in popular vibe-coding AI tool Cursor that could allow an attacker to poison developer environments by secretly modifying a previously approved Model Context Protocol (MCP) configuration, silently swapping it for a malicious command without any user prompt.…
Lire la suite sur TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/08/05/mcpoison_bug_abuses_cursor_mcp/

Voir aussi

code VP.NET Publishes SGX Enclave Code: Zero-Trust Privacy You Can Actually Verify Slashdot15 Aug
mcp macOS Tahoe code suggests Apple has a 5G MacBook Pro coming BetaNews15 Aug
execution Sealy Promo Code: Save $300 on Mattresses in August 2025 Wired: Tech.15 Aug
vibe Vibe coding platform Anything arrives, our hands-on suggests caution TheRegister14 Aug
cursor's Over 80 percent of organizations knowingly ship vulnerable code BetaNews14 Aug
persistent B-Vibe 360 Plug Review: Backdoor Fun Wired: Tech.14 Aug
coding Claude Code's copious coddling confounds cross customers TheRegister13 Aug
allows Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts TheRegister13 Aug
implementation AI model 'personalities' shape the quality of generated code TheRegister13 Aug
code Popular LLMs share strengths and weaknesses when it comes to creating code BetaNews13 Aug
mcp Five kinds of static code coupling InfoWorld13 Aug
execution VS Code previews chat checkpoints for unpicking careless talk TheRegister12 Aug
vibe A developer’s guide to code generation InfoWorld12 Aug
cursor's Newegg Promo Code: 10% Off in September 2025 Wired: Tech.12 Aug
persistent Threat actors move to smaller more persistent attacks BetaNews11 Aug
coding Multi-agent AI workflows: The next evolution of AI coding InfoWorld11 Aug
allows AI coding tools crash on launch, could reboot better in future TheRegister11 Aug
implementation $1M Stolen in 'Industrial-Scale Crypto Theft' Using AI-Generated Code Slashdot11 Aug
code 'Hour of Code' Announces It's Now Evolving Into 'Hour of AI' Slashdot10 Aug
mcp The International Obfuscated C Code Contest is back for 2024 TheRegister 9 Aug
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
sam. 30 août - 01:11 CEST