Bleeping Computer

AI-powered Cursor IDE vulnerable to prompt-injection attacks

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. The ...
Geeky Gadgets

Automate Your Coding Tasks with MCP Servers and Cursor AI

Enhancing the coding capabilities of Cursor AI can significantly improve your software development process. By integrating Zapier MCP servers, you gain the ability to automate tasks, connect APIs, and ...
CSOonline

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
Dark Reading

Cursor Issue Paves Way for Credential-Stealing Attacks

An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.
GIGAZINE

'LM Studio,' which can run AI models locally without an Internet connection, will add a function to connect to MCP servers

LM Studio ' is software that allows you to easily run LLM even on a PC with average performance. On June 25, 2025, LM Studio version 0.3.17 was released, which ...
InfoWorld

Microsoft adds MCP support to Visual Studio to boost development of agentic applications

However, approach with caution: MCP servers are increasingly becoming a new way to hijack systems or launch cyberattacks, research shows. Microsoft has added Model Context Protocol (MCP) support to ...