» Tag
cursor
3 postsJuly 2026
Cursor Sandbox Escape Shows AI Agents Need Kernel Boundaries
Two critical bugs in Cursor's command sandbox let an attacker-controlled AI agent write outside it and reach RCE. Both are fixed in Cursor 3.0.
cursorai-agentssandboxcveThe Forgotten Symlink: 'It Works' Isn't 'It's Maintained'
A repo had the right Cursor symlinks all along, but forgot why they mattered - proving working code isn't the same as maintained code.
aidevtoolscursorconfiguration-driftCursor and OpenVSX face extension hijacking risk
Trendyol's security team uncovered a live namespace-squatting attack abusing OpenVSX to hijack extensions in Cursor, VSCodium, Windsurf and other VS Code forks.
supply-chain-securityopenvsxcursorvscode