Oasis Security has identified a vulnerability in Cursor, an AI-based code editor, that allows hidden code to run as soon as a user opens a project folder without any action or warning.
The issue comes from a default setting in Cursor. A safety feature called Workspace Trust is disabled by default when the program is first installed. As a result, certain task files can begin executing commands immediately when a developer opens a folder.
If a user adds a harmful task to a project and shares it online, those commands will run as soon as another person opens the folder in Cursor.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
What are dApps in Crypto? (Explained with Animations)
Cursor is built on top of Visual Studio Code, which also includes the Workspace Trust feature. This tool is designed to protect developers from malicious code by blocking automatic tasks from unknown sources.
The vulnerability exploits the .vscode/tasks.json file, which can contain instructions to run tasks as soon as a folder is opened. Attackers can place these instructions in a shared project.
According to Erez Schwartz from Oasis Security, this behavior can lead to stolen credentials, changed files, or system access. It also increases the chances of supply chain attacks, where malicious code spreads through tools or projects used by many people.
To stay safe, users should take a few steps. First, they should enable Workspace Trust in Cursor to stop unknown tasks from running automatically. Second, it is advised to open untrusted projects using a different code editor, especially the .vscode folder, before using Cursor.
On August 28, Anthropic warned that bad actors are using its chatbot Claude to help carry out online crimes. How? Read the full story.
