The Hacker News
@thehackernews
CursorJack abuses cursor:// links to trigger arbitrary command execution via MCP installs with executable configs.
One click plus user approval can run local commands or link to a malicious server.
�� Deep link abuse flow, MCP risk, and PoC details → https://thehackernews.com/2026/03/threatsday-bulletin-fortigate-raas.html#deep-link-abuse-enables-command-execution
One click plus user approval can run local commands or link to a malicious server.
�� Deep link abuse flow, MCP risk, and PoC details → https://thehackernews.com/2026/03/threatsday-bulletin-fortigate-raas.html#deep-link-abuse-enables-command-execution
🔥 11
🤔 7
👍 2
39 9.4K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram