PANews reported on September 5th that, according to Cointelegraph, cybersecurity firm HiddenLayer reported that the AI programming tool Cursor suffers from a "CopyPasta License Attack" vulnerability. Hackers can trick the AI tool into injecting exploits into the codebase by hiding malicious instructions in the LICENSE.txt and README.md files. This tool, widely used by crypto exchanges such as Coinbase, exploits Markdown comments to hide prompt injections, causing the AI to automatically spread malicious payloads when editing files. Testing has also revealed that AI programming tools such as Windsurf, Kiro, and Aider are also vulnerable. The malicious code can create backdoors, steal sensitive data, or paralyze systems, and can be deeply hidden to avoid detection.

When HiddenLayer creates tests for a repository containing a virus, Cursor automatically copies the prompt injection into the newly generated file. The company warns that this mechanism could have more serious consequences, including compromising critical files in development and production environments. In August, the Coinbase engineering team stated that Cursor was the preferred tool for most of its developers, and as of February, it had become the preferred tool for all engineers.