安全公司,AI 编程工具 Cursor 存在被新病毒劫持的风险
Sep 05, 2025 12:57:08
Share to 
ChainCatcher 消息,据 Cointelegraph 报道,网络安全公司 HiddenLayer 报告称,AI 编程工具 Cursor 存在 “CopyPasta 许可证攻击” 漏洞,黑客可通过在 LICENSE.txt 和 README.md 文件中隐藏恶意指令,诱导 AI 工具将漏洞注入代码库。
该工具被 Coinbase 等加密交易平台广泛采用。攻击利用 Markdown 注释隐藏提示注入,使 AI 在编辑文件时自动传播恶意负载。测试显示 Windsurf、Kiro 和 Aider 等 AI 编程工具同样存在漏洞。恶意代码可创建后门、窃取敏感数据或瘫痪系统,且能深度隐藏避免检测。
Related Projects
Latest News
Binance Wallet will launch the Sentient (SENT) Pre-TGE Prime Sale on January 19th.
ChainCatcher
Jan 17, 2026 21:38:05
2026: Asset tokenization, stablecoins, and AI agents jointly unlock $16 trillion in idle funds
ChainCatcher
Jan 17, 2026 21:34:33
Dialogue with Lead Bank Chairman & CEO Jacqueline: Stablecoins Cannot Exist Without Banks
ChainCatcher
Jan 17, 2026 21:27:00
Trump signals personnel changes at the Federal Reserve, Bitcoin's rally faces disruptions, and the market reassesses the interest rate cut expectations for 2026
ChainCatcher
Jan 17, 2026 21:07:12
Analyst: OG holders' selling pressure weakens, Bitcoin may target $107,000
ChainCatcher
Jan 17, 2026 21:05:55
