新型 PoC 攻击证实：恶意模型上下文协议（MCP）服务器可向 Cursor 浏览器注入 JavaScript，甚至可能利用该 IDE 的权限执行系统级操作。 AI Agent 与编程助手正在颠覆开发者的工作方式，同时也快速扩大了开发设备的受攻击面。最新案例显示：安全研究人员证实恶意 ...

The Browser MCP (Model Context Protocol) server, when paired with Cursor, provides a comprehensive platform for automating browser tasks and testing web applications. By combining browser navigation, ...

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.

Enhancing the coding capabilities of Cursor AI can significantly improve your software development process. By integrating Zapier MCP servers, you gain the ability to automate tasks, connect APIs, and ...

An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.

Coplay opens public beta to all developers, expanding beyond its invite-only model. Now stewarding the Unity MCP server, Coplay deepens support for open-source game dev tools. Orchestrator Mode debuts ...

Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command ...