Security Alert: AI Programming Tool Cursor at Risk of New Virus Hijacking
By: theblockbeats.news|2025/09/05 13:32:25
0
Share
BlockBeats News, September 5th, according to Cointelegraph, cybersecurity firm HiddenLayer reported that the AI programming tool Cursor has a "CopyPasta License Attack" vulnerability. Hackers can hide malicious commands in the LICENSE.txt and README.md files to induce the AI tool to inject the vulnerability into the codebase. This tool is widely adopted by cryptocurrency exchanges like Coinbase.
The attack leverages Markdown comment hiding to inject prompts, causing AI to automatically propagate the malicious payload while editing files. Tests have shown that AI programming tools such as Windsurf, Kiro, and Aider also have the same vulnerability. The malicious code can create backdoors, steal sensitive data, or cripple systems, all while deeply concealing itself to evade detection.
You may also like
Morning Report | CoinEx becomes a key hub for Iran to evade sanctions, involving over $3.8 billion in funds; Kalshi seeks a new round of financing, with a valuation potentially rising to $40 billion
Overview of Important Market Events on June 25
Why do cryptocurrency projects always like to change their names?
In many cases, the old names of encryption projects have no competitive advantage, only historical baggage.
From the white-haired stock god to the billionaire fund mogul, the smart people shorting Nvidia are all getting rich using the same framework
Give up on heavily investing in Nvidia's "nine major bottlenecks"! This article analyzes the underlying logic behind top AI investors making billions: physical infrastructure such as electricity, HBM, and optical interconnects are the true keys to wealth in AI hardware.
Morning News | The draft amendment to the People's Bank of China Law aims to clarify the legal status of digital renminbi; South Korea will transfer about 40 unregistered virtual asset service providers to law enforcement agencies
Overview of Important Market Events on June 24
The cryptocurrency industry has entered the "Show Me" era: merely relying on vision is no longer enough
The awareness level of the audience in the cryptocurrency industry—including media, institutions, and retail investors—is steadily increasing, and this trend has become a foregone conclusion.
Interpreting the Ethereum Foundation's new structure: Reaffirming self-sovereignty amid institutional trends
The Ethereum Foundation has announced a new five-layer working framework, clarifying the focus of future development and reaffirming its commitment to decentralized core values amidst the wave of institutionalization.
Former SpaceX engineer reconstructs the financial execution system using first principles
Plan Execution Lab completes angel round financing for Singapore family office, with a valuation of 50 million USD.
Tidal Investment: We still have a positive outlook on the AI industry chain, but the reasons have changed
The intense financing by tech giants has triggered a panic of "AI peak," but the soaring capital expenditures of the five major cloud vendors and the bottlenecks in physical infrastructure indicate that the AI investment cycle is far from over; the second half of this grand performance has just begu...
Standard Chartered Bank sings a 50x rhapsody again, aiming for AAVE to reach 3500 USD
The throne of DeFi lending still exists, but the foundation beneath the throne needs to undergo a reconstruction or reinforcement.
The interim executive director of the Ethereum Foundation speaks out: What is our mission?
"We are here to strengthen defenses against where Ethereum has already become or may become extractive, comprehensive, or susceptible to cartel or state control, or influenced by tools of surveillance or coercion from authoritarian regimes."
Why does OKX want to start a new company with the parent company of the New York Stock Exchange?
ICE and OKX established OKXICE, symbolizing the relationship between traditional finance and the crypto market is transitioning from "tentative cooperation" to "infrastructure-level integration."
Why Is PAXG Price Different From Gold? 5 Reasons Crypto Traders Should Know
Why is PAXG different from gold? Learn the 5 key reasons PAXG and XAUT prices can trade above or below spot gold, including liquidity, funding rates, futures basis, and weekend trading effects.
WEEX OpenAPI 101: 5 Powerful Modules, AI Trading Tools, and Grab Up to 70% Revenue Opportunities
Learn how WEEX OpenAPI connects traders, developers, AI agents, and trading platforms. Discover WEEX API features, Binance-compatible integration, automated trading workflows, revenue opportunities, and ecosystem possibilities.
Interview with NDV Founder Jason Huang: Popping the AI Bubble and the Myth of Microstrategy, Seeking the Ultimate Ace in the Crypto Market
Exclusive Interview with NDV Founder Jason Huang: MicroStrategy's coin selling triggered a stampede, BTC has fallen into a liquidity squeeze, and the current market has not yet bottomed out, patiently waiting for a "FTX-level" iconic panic event to clear.
Morning Report | Former Ethereum Foundation researcher establishes Ethlabs; EU Parliament Economic Committee passes digital euro regulatory proposal
Overview of Important Market Events on June 23
Dragonfly partner Haseeb: The fastest-growing companies in the future may all be stuck at 149 people
The pricing of large models is actually an "AI tax": it shackles large enterprises with computing power constraints, slows down automation, but turns subscriptions into a subsidy for small teams' innovative dividends. By capping the scale at under 149 people, startups can continuously experiment wit...
How xBubble Breaks the Deadlock in VC's Heavy Investment in the OPC Economy
DAPPOS launched xBubble, using the innovative model of "SOP is business" to solve the challenges of implementing AI Coding, allowing OPCs who do not understand technology to create a real business closed loop with zero threshold.
The encrypted unicorn Blockstream is deeply embroiled in a serious fraud case
As a mining note product aimed at investors, it inherently carries significant risks. This leaves considerable room for further explanation regarding BMN's actual scale, use of funds, sources of income, and governance disclosures.
Morning Report | CoinEx becomes a key hub for Iran to evade sanctions, involving over $3.8 billion in funds; Kalshi seeks a new round of financing, with a valuation potentially rising to $40 billion
Overview of Important Market Events on June 25
Why do cryptocurrency projects always like to change their names?
In many cases, the old names of encryption projects have no competitive advantage, only historical baggage.
From the white-haired stock god to the billionaire fund mogul, the smart people shorting Nvidia are all getting rich using the same framework
Give up on heavily investing in Nvidia's "nine major bottlenecks"! This article analyzes the underlying logic behind top AI investors making billions: physical infrastructure such as electricity, HBM, and optical interconnects are the true keys to wealth in AI hardware.
Morning News | The draft amendment to the People's Bank of China Law aims to clarify the legal status of digital renminbi; South Korea will transfer about 40 unregistered virtual asset service providers to law enforcement agencies
Overview of Important Market Events on June 24
The cryptocurrency industry has entered the "Show Me" era: merely relying on vision is no longer enough
The awareness level of the audience in the cryptocurrency industry—including media, institutions, and retail investors—is steadily increasing, and this trend has become a foregone conclusion.
Interpreting the Ethereum Foundation's new structure: Reaffirming self-sovereignty amid institutional trends
The Ethereum Foundation has announced a new five-layer working framework, clarifying the focus of future development and reaffirming its commitment to decentralized core values amidst the wave of institutionalization.
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
