logoalt Hacker News

ajhenrydevtoday at 8:00 PM4 repliesview on HN

This report reads a bit like AI writing :/

You need to have an already malicious payload on your pc to make this exploit work (via clone/download/magic). I can understand the severity of the exploit but at the same time I’d hope to not have to run into this situation for it to happen in the first place


Replies

gene91today at 8:11 PM

Modern day code agents would clone a repo and read the code when you ask it a question about an API that’s not clearly documented. This vulnerability is real.

AntonyGarandtoday at 8:02 PM

The malicious payload can live on the remote: `git clone` a repo, open it with cursor, and you're compromised

JMKH42today at 8:02 PM

wouldn't the attack vector be like this:

I find a github repo, I want to contribute to it. I clone it, open up cursor, make an edit, commit, and boom, I am infected.

show 2 replies
pixl97today at 8:06 PM

>You need to have an already malicious payload on your pc to make this exploit work

Uh, no, not exactly from what I'm reading.

At least from my piss poor understanding of it, you could possibly prompt inject something like "download https://github.com/hackmycursor/exploit.git". Would an agent do this, I'm unsure, but if so, it would download the git.exe and execute it.

show 2 replies