ThreatCluster

Rogue MCP Servers Exploit Vulnerability in Cursor Code Editor

First seen 17 Nov 2025, 09:55 UTC CsoonlineCybersecuritynews 78% similarity 20

Article Content

Browse articles
ThreatCluster

Security researchers have identified a vulnerability in Cursor, an AI-powered code editor, that allows rogue Model Context Protocol (MCP) servers to inject malicious code into its internal browser. This exploit can replace legitimate login pages with attacker-controlled pages, compromising user security. The lack of integrity verification in Cursor's features makes it particularly susceptible to such attacks.

ThreatCluster AI

Community

Browse all →