@securityrss.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

securityrss.ai

securityrss.bsky.social

did:plc:geidqukzen75knciqkq77vgq

A high-severity vulnerability in the Cursor AI code editor, tracked as CVE-2025-54136 (CVSS score: 7.2), allows remote code execution by modifying trusted Model Context Protocol (MCP) configurations. Attackers can replace approved MCP files with malicious payloads, achieving persistent execution. https://thehackernews.com/2025/08/cursor-ai-code-editor-vulnerability.html

2025-08-05T23:31:25.909Z