
Researchers Warn Users Fix Cursor Software to Block Remote Attacks

Highlights

  • Researchers uncovered a remote code execution flaw in Cursor's AI code editor.

  • AimLabs highlights the ongoing prompt injection risk for AI agents.

  • Upgrading to Cursor 1.3 is necessary to avoid exploitation.

Kaan Demirel
Last updated: 1 August, 2025 - 11:19 pm

Corporate and individual developers relying on AI tools for code development face a unique risk, as demonstrated by a recent security flaw discovered in Cursor, an AI-powered code editing software. Threat researchers at AimLabs revealed that a subtle data-poisoning attack targeting Cursor could grant attackers remote access to user devices. As the use of AI tools accelerates across industries, the incident has raised concerns about the preparedness of organizations to manage security vulnerabilities inherent in AI agents. Organizations using earlier versions of Cursor must take immediate action, as only version 1.3 contains the necessary fix.

Contents

  • How Did Researchers Uncover the Cursor Vulnerability?
  • What Security Risks Does Prompt Injection Pose for AI Agents?
  • Will Similar Vulnerabilities Continue to Affect AI-Powered Tools?

Other reports on AI-powered software attacks have previously focused on data leaks or accidental code exposure, whereas this case involves prompt injection achieving remote code execution, even through integrated platforms like Slack. While similar manipulation vulnerabilities have been identified, execution of malicious commands via prompt injection linked with external tool integration remains relatively uncommon. Prior discussions have also highlighted persistent vulnerabilities within model agent workflows, but immediate remote code execution with elevated privileges has not been as widely documented.

How Did Researchers Uncover the Cursor Vulnerability?

AimLabs identified the critical flaw, assigned CVE-2025-54135, while examining how Cursor’s agent fetched data via the Model Context Protocol (MCP) server. This protocol facilitates tool access from platforms like Slack and GitHub, and upon receiving a specially crafted prompt, Cursor would automatically execute malicious commands. The investigative team found that by using a single prompt delivered through an integrated Slack channel, they could silently alter Cursor’s configuration and trigger unauthorized code execution without user intervention.

What Security Risks Does Prompt Injection Pose for AI Agents?

Prompt injection attacks reveal a significant challenge for AI models embedded in workflows. Since these agents process external instructions with high privileges, there is a risk they may follow harmful commands originating from untrusted sources. As AimLabs stated,

“The tools expose the agent to external and untrusted data, which can affect the agent’s control-flow.”

This access could let attackers hijack the agent’s user session and take unauthorized actions on the user’s behalf.

Will Similar Vulnerabilities Continue to Affect AI-Powered Tools?

Cursor’s developer team addressed the flaw shortly after its disclosure, releasing a patch in version 1.3, but the underlying risk remains. AimLabs warned that the nature of large language models, which rely on external commands and prompts, makes similar vulnerabilities likely across other platforms using agent-based AI.

“Because model output steers the execution path of any AI agent, this vulnerability pattern is intrinsic and keeps resurfacing across multiple platforms,”

the research emphasized, noting the need for improved agent design and workflow security.

Users of Cursor are advised to upgrade to version 1.3, as earlier versions are still vulnerable to prompt-injection-driven remote code execution. Developers integrating AI and natural language processing tools should reassess their security postures, especially when agents possess privileges that go beyond simple code suggestions. Reviewing all points where agents receive external instruction, enforcing logging, and deploying robust access controls can provide mitigation, but residual risk is likely in systems that rely on external prompts to drive agent behavior. Anyone adopting AI-powered coding assistants should regularly monitor for related security anomalies and stay alert to new advisories and patches for their tools.
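The mitigation outlined above (access controls plus logging wherever the agent receives external instructions), as an added example that is not code from AimLabs or Cursor: a Python approval gate that records the source of every context item and holds configuration writes and command execution for user approval once tool-supplied data has entered the session. The class, action names, source labels and placeholder targets are hypothetical.

```python
from dataclasses import dataclass, field

TRUSTED_SOURCES = {"user"}                            # text the developer typed
PRIVILEGED_ACTIONS = {"write_config", "run_command"}  # hypothetical action names


@dataclass
class AgentSession:
    """Tracks where each piece of model context came from and gates tool calls."""
    context: list = field(default_factory=list)    # (source, text) pairs
    audit_log: list = field(default_factory=list)  # one record per decision

    def ingest(self, source: str, text: str) -> None:
        self.context.append((source, text))

    def untrusted_sources(self) -> list:
        return sorted({s for s, _ in self.context if s not in TRUSTED_SOURCES})

    def decide(self, action: str, target: str, user_approved: bool = False) -> str:
        """Return 'allow' or 'needs_approval'; log the decision either way."""
        tainted_by = self.untrusted_sources()
        # Approval is per call, so one confirmation never unlocks later actions.
        if action in PRIVILEGED_ACTIONS and tainted_by and not user_approved:
            verdict = "needs_approval"
        else:
            verdict = "allow"
        self.audit_log.append({"action": action, "target": target,
                               "tainted_by": tainted_by, "verdict": verdict})
        return verdict


def demo() -> list:
    """Constructed scenario: a Slack message reaches the agent via a tool call."""
    s = AgentSession()
    s.ingest("user", "Summarize the latest messages in the team channel.")
    s.ingest("slack", "<constructed channel message with instruction-like text>")
    return [
        s.decide("read_file", "README.md"),                # low privilege
        s.decide("write_config", "<agent-config-path>"),   # held for approval
        s.decide("run_command", "<command>"),              # held for approval
        s.decide("write_config", "<agent-config-path>", user_approved=True),
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The audit log keeps the `tainted_by` list for every decision, so a held or approved action can later be traced to the external source that was in context when the model proposed it.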
