Rogue MCP Servers Exploit Vulnerability in Cursor Code Editor
First seen 17 Nov 2025, 09:55 UTC
•
•78% similarity
•20
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Security researchers have identified a vulnerability in Cursor, an AI-powered code editor, that allows rogue Model Context Protocol (MCP) servers to inject malicious code into its internal browser. This exploit can replace legitimate login pages with attacker-controlled pages, compromising user security. The lack of integrity verification in Cursor's features makes it particularly susceptible to such attacks.
ThreatCluster AI