This ‘critical’ Cursor security flaw could expose your code to malware – how to fix it

Follow ZDNET: Add us as a preferred source on Google.

ZDNET’s key takeaways

• A report found hackers can exploit an autorun feature in Cursor.
• The danger is “significant,” but there’s an easy fix.
• Cursor uses AI to assist with code-editing.

A new report has uncovered what it describes as “a critical security vulnerability” in Cursor, the popular AI-powered code-editing platform.

The report, published Wednesday by software company Oasis Security, found that code repositories within Cursor that contain the .vscode/tasks.json configuration can be instructed to automatically run certain functions as soon as the repositories are opened. Hackers could exploit that autorun feature via malware embedded into the code.

Also: I did 24 days of coding in 12 hours with a $20 AI tool – but there’s one big pitfall

“This has the potential to leak sensitive credentials, modify files, or serve as a vector for broader system compromise, placing Cursor users at significant risk from supply chain attacks,” Oasis wrote. 

While Cursor and other AI-powered coding tools like Claude Code and Windsurf have become popular among software developers, the technology is still fraught with bugs. Replit, another AI coding assistant that debuted its newest agent earlier this week, recently deleted a company’s entire database.

The security flaw

According to Oasis’ report, the problem is rooted in the fact that Cursor’s “Workplace Trust” feature is disabled by default. 

Basically, this feature is intended to be a verification step for Cursor users so that they only run code that they know and trust. Without it, the platform will automatically run code that’s in a repository, leaving the window open for bad actors to surreptitiously slip in malware that could then jeopardize a user’s system — and from there, potentially spread throughout a broader network.

Also: I asked AI to modify mission-critical code, and what happened next haunts me

Running code without the Workplace Trust feature could open “a direct path to unauthorized access with an organization-wide blast radius,” Oasis said. 

In a statement to Oasis that was published in the report, Cursor said that its platform operates with Workplace Trust deactivated by default since it interferes with some of the core automated features that users routinely depend on. 

“We recommend either enabling Workspace Trust or using a basic text editor when working with suspected malicious repositories,” the company said.

Also: That new Claude feature ‘may put your data at risk,’ Anthropic admits

Cursor also told Oasis that it would soon publish updated security guidelines regarding the Workspace Trust feature. 

How to stay protected

The solution, then, is to simply enable the Workplace Trust feature in Cursor. To do this, add the following security prompt to settings, and then restart the program:

{

“security.workspace.trust.enabled”: true, 

“security.workspace.trust.StartupPrompt”: “always”

ZDNET has reached out to Cursor for further comment. 

Keep your entertainment at your fingertips with the Amazon Fire TV Stick 4K! Enjoy streaming in 4K Ultra HD with access to top services like Netflix, Prime Video, Disney+, and more. With an easy-to-use interface and voice remote, it’s the ultimate streaming device, now at only $21.99 — that’s 56% off!

With a 4.7/5-star rating from 43,582 reviews and 10K+ bought in the past month, it’s a top choice for home entertainment! Buy Now for $21.99 on Amazon!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!