Hosted on MSN

Cursor vulnerability raises risks for API key security

A severe vulnerability in the AI-powered development tool Cursor allows installed extensions to access locally stored API keys and session tokens without user action, according to LayerX researchers.
Infosecurity Magazine

Cursor Extension Flaw Exposes Developer API Keys

Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX ...

AI agent's unauthorized data deletion highlights risks in cloud API design

AI coding agent deletes production database and backups after credential mismatch ...