Cursor 0day: When Full Disclosure Becomes the Only Protection Left
# Summary
A critical vulnerability in Cursor, a widely-used AI-assisted IDE with 7+ million active users, allows arbitrary code execution when a developer opens a repository containing a malicious git.exe file in the root directory—the malware executes automatically without any user interaction or warnings. Despite being reported to Cursor in December 2025 and disclosed multiple times over six months across 197+ new versions, the vulnerability remains unfixed, prompting the security researchers at Mindgard to publish full disclosure as the only available protection for users.
Read Full Article →