Cursor 0day: When Full Disclosure Becomes the Only Protection Left
Summary
Mindgard reports a simple yet critical Cursor 0day: when opening a project, Cursor searches for git binaries and may execute a malicious git.exe from the repo root without any user prompts, enabling arbitrary code execution. They detail vendor silence, a public disclosure timeline, and practical mitigations (AppLocker/Windows App Control; sandboxing repositories) while calling for greater accountability in coordinated security disclosures for AI-enabled development tools.