Coinbase’s preferred AI coding tool can be hijacked by new virus

Cybersecurity firm HiddenLayer has warned of a new virus that can inject malicious prompts into Cursor — an AI coding tool developers use worldwide.

The artificial intelligence coding tool favored by the likes of crypto exchange Coinbase has a vulnerability allowing hackers to silently inject malware and “spread itself across an organization,” says a cybersecurity firm. 

HiddenLayer reported on Thursday that a “CopyPasta License Attack” can hide malicious instructions in common developer files to “introduce deliberate vulnerabilities into codebases that would otherwise be secure.”

“By convincing the underlying model that our payload is actually an important license file that must be included as a comment in every file that is edited by the agent, we can quickly distribute the prompt injection across entire codebases with minimal effort,” it added.

Read more