Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed >>CursorJacking,<< this flaw carries a CVSS score of 8.2 and exposes developers to immediate credential theft. Any installed extension can silently access a user's API keys and session tokens without requiring special permissions or user interaction. Standard security […] The post Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/cursor-ai-extension-flaw-exposes-developer-tokens/
