AI SecurityCursor IDE's Sandbox Cracked by Prompt Injection — No User Interaction Required
Two logic flaws in Cursor's command execution sandbox let attackers escape the isolation layer and run code on the underlying OS. Patches landed in April. The researchers say Cursor isn't alone.