Back to all news
Security

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

The Hacker News·July 15, 2026·1 min read
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

A flaw in Cursor on Windows allows malicious cloned repositories to trigger code execution. Opening a repository with a file named git.exe in the project root causes Cursor to run it without any click, approval dialog, or warning. The binary executes with the user's permissions, accessing SSH keys and cloud tokens, and re-runs as long as the project stays open.

Read at The Hacker News
Daily crypto arcade

Read the news, then play it.

Chainshorts turns crypto headlines into a daily game. Catch up in 60 words, then jump into daily lucky draws for a shot at the pot.

Open ChainshortsGet it on the Solana dApp Store