{"id":14293,"date":"2026-07-14T13:05:09","date_gmt":"2026-07-14T13:05:09","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/14\/cursor-ide-malicious-code-poisoned-repos\/"},"modified":"2026-07-14T13:05:09","modified_gmt":"2026-07-14T13:05:09","slug":"cursor-ide-malicious-code-poisoned-repos","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/14\/cursor-ide-malicious-code-poisoned-repos\/","title":{"rendered":"Cursor IDE Auto-Executes Malicious Code in Poisoned Repos"},"content":{"rendered":"<p>    Cursor IDE Auto-Executes Malicious Code in Poisoned Repos<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks.<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Alexander Culafi<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.darkreading.com\/application-security\/cursor-ide-malicious-code-poisoned-repos\">Go to gbhackers.com<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cursor IDE Auto-Executes Malicious Code in Poisoned Repos Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks. Alexander Culafi Go to gbhackers.com<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[260],"tags":[261],"class_list":["post-14293","post","type-post","status-publish","format-standard","hentry","category-darkreading","tag-darkreading"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14293"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14293"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14293\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14293"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14293"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14293"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}