Security researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of 8.2 and exposes developers to immediate credential theft. Any installed extension can silently access a user’s API keys and session tokens without requiring special permissions or user interaction. Standard security […]

The post Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/cursor-ai-extension-flaw-exposes-developer-tokens/