Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Updated on August 5, 2025

Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution.
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications to Model…

Read the rest of the story at Read More

Source: The Hacker News

January 21, 2025 Uncategorized

13,000 MikroTik Routers Hijacked by Botn...

May 15, 2025 Uncategorized

Russia-Linked APT28 Exploited MDaemon Ze...

April 22, 2025 Uncategorized

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Related posts

13,000 MikroTik Routers Hijacked by Botn...

Russia-Linked APT28 Exploited MDaemon Ze...

GCP Cloud Composer Bug Let Attackers Ele...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do