National Cyber Warfare Foundation (NCWF)

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution


0 user ratings
2026-07-15 11:00:34
milo
Blue Team (CND)
Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder is about to execute.

Whatever that binary does, it does as you, with your source, your SSH keys and your cloud tokens. Cursor keeps re-running it for as long as the project stays open.

No prompt



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/07/cursor-flaw-lets-malicious-cloned.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Blue Team (CND)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.