Security Alert: AI Programming Tool Cursor at Risk of New Virus Hijacking

BlockBeats News, September 5th, according to Cointelegraph, cybersecurity firm HiddenLayer reported that the AI programming tool Cursor has a "CopyPasta License Attack" vulnerability. Hackers can hide malicious commands in the LICENSE.txt and README.md files to induce the AI tool to inject the vulnerability into the codebase. This tool is widely adopted by cryptocurrency exchanges like Coinbase.

The attack leverages Markdown comment hiding to inject prompts, causing AI to automatically propagate the malicious payload while editing files. Tests have shown that AI programming tools such as Windsurf, Kiro, and Aider also have the same vulnerability. The malicious code can create backdoors, steal sensitive data, or cripple systems, all while deeply concealing itself to evade detection.