安全公司,AI 编程工具 Cursor 存在被新病毒劫持的风险
2025-09-05 12:57:08
Chia sẻ để 
ChainCatcher 消息,据 Cointelegraph 报道,网络安全公司 HiddenLayer 报告称,AI 编程工具 Cursor 存在 “CopyPasta 许可证攻击” 漏洞,黑客可通过在 LICENSE.txt 和 README.md 文件中隐藏恶意指令,诱导 AI 工具将漏洞注入代码库。
该工具被 Coinbase 等加密交易平台广泛采用。攻击利用 Markdown 注释隐藏提示注入,使 AI 在编辑文件时自动传播恶意负载。测试显示 Windsurf、Kiro 和 Aider 等 AI 编程工具同样存在漏洞。恶意代码可创建后门、窃取敏感数据或瘫痪系统,且能深度隐藏避免检测。
Dự án liên quan
Tin tức mới nhất
Uniswap's UNI token burn, protocol fee 'UNIfication' proposal backed overwhelmingly by voters
Coindesk
2025-12-26 23:09:38
Trust Wallet users lose at least $6 million in security breach, ZachXBT finds
The Block
2025-12-26 14:49:15
HodlHer Raises $1.5M in Strategic Funding to Build an AI Agent–Powered Web3 Operating System
Chainwire
2025-12-25 23:21:44
Streamflow Announces USD+, a Yield-Bearing Solana Stablecoin Backed by U.S. Treasury Bills
Chainwire
2025-12-24 22:30:10
Maple’s fundamentals are driving outperformance - Blockworks
Blockworks
2025-12-24 09:11:39
