A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.

An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.

A vulnerability that researchers call CurXecute is present in almost all versions of the AI-powered code editor Cursor, and can be exploited to execute remote code with developer privileges. The ...

The Model Context Protocol (mCP) is reshaping how artificial intelligence (AI) systems interact with data, tools, and environments. Developed as an open source standard by Anthropic, mCP simplifies ...

What if you could extract the essence of a website—the tone, style, and even its emotional resonance—just as easily as copying text? With the advent of Cursor AI’s new Model Control Plugins (MCPs), ...

SAN FRANCISCO, March 20, 2026 /PRNewswire/ -- WordPress.com, Automattic's hosted website platform built on the open source WordPress software, today announced the launch of new write capabilities for ...

JFrog Platform plugin for Cursor gives developers the freedom to create and deliver next generation AI-powered software with built-in governance The new JFrog Platform plugin for Cursor gives ...