You only live once, but regret is forever
Cursor's AI coding agent will run automatically, in YOLO mode, if you let it. According to Backslash Security, you might want to think twice about doing so. If the use of the term YOLO – you only live once – isn't enough of a warning about the company's approach to computer security, Tel Aviv, Israel-based Backslash says one of Cursor's supposed safeguards to prevent its agent from deleting data is "woefully inadequate, if not outright worthless."

YOLO mode, or auto-run, allows the Cursor agent to carry out multi-step coding tasks without human approval at every step. It comes with several settings that are supposed to limit the scope of possible damage. These include an allowlist that makes specific commands available to the agent, a denylist that specifies commands the agent should not invoke, and a checkbox to prevent files from being deleted.

As entrepreneur Jason Lemkin's recent experience with Replit's AI coding tool demonstrates, LLM-based code help might just do something drastic like

Cursor offers its denylist in an attempt to guard against such problems. By adding the "rm" command to the denylist, for example, the Cursor agent should be unable to use that command to delete files. Thus, some Cursor users employ

"We found no fewer than four ways for a compromised agent to bypass the Cursor denylist and execute unauthorized commands," said application security analysts Mustafa Naamneh and Micah Gold, in a

, or if written into a shell script, as might be done with

And finally, the denylist can be ducked in bash environments by using double quotes or multiple sets of them, such that there's no way to explicitly block all the potential attack variations.

"Cursor’s denylist cannot be relied upon," said Naamneh and Gold. "While it may prevent an agent from naively running certain Linux commands, it cannot prevent a compromised agent from running any command it would like."

And the security firm says that the agent's ability to execute arbitrary commands means Cursor's other defenses against auto-run/YOLO mode mishaps, like file deletion prevention, are worthless.

that there are other ways the Cursor agent could execute a risky command. For example, the agent could process injected text from a shared codebase, such as a README or code comment. Or the agent could fetch and execute content from an external site containing malicious instructions.

"The agent only needs to process a file, rule, or response that contains injected commands — whether local, shared, or fetched remotely," Pik explained. "A web page is not required for the attack to succeed."

Cursor did not immediately respond to a request for comment. According to Backslash, which reported the issue, Cursor intends to deprecate the denylist feature in the version 1.3 release,
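The weakness Backslash describes comes down to matching a denylist against the raw command string. The Python below is an added example, not Cursor's or Backslash's code: it contrasts a naive word match against a constructed denylist with the same check after shell-style tokenization, and then a default-deny allowlist that fails closed on unlisted interpreters and on redirections. The command lists and the cleanup.sh file name are constructed for the demo.

```python
import re
import shlex

# Constructed policy lists for the demo; they are not Cursor's settings.
DENYLIST = {"rm", "mv", "dd", "mkfs"}
ALLOWLIST = {"ls", "cat", "git", "pytest"}
SEPARATORS = {"|", "||", ";", "&", "&&"}
# Arguments an allowlisted program may receive: plain words and paths only,
# so redirections (>), subshells and backticks never reach a shell.
SAFE_ARG = re.compile(r"^[\w.\-/=:@+,*~]+$")


def tokenize(cmd):
    """Tokenize as a POSIX shell would: quotes are resolved (r"m" -> rm)
    and operators such as | and && become separate tokens."""
    return list(shlex.shlex(cmd, posix=True, punctuation_chars=True))


def naive_denylist_blocks(cmd):
    """A word match on the raw string: misses quoted variants of a command."""
    return any(word in DENYLIST for word in cmd.split())


def parsed_denylist_blocks(cmd):
    """The same denylist applied after tokenization. Quoting no longer
    helps, but the check still cannot see inside a script or interpreter."""
    try:
        return any(tok in DENYLIST for tok in tokenize(cmd))
    except ValueError:  # unbalanced quotes: refuse rather than guess
        return True


def allowlist_permits(cmd):
    """Default deny: every pipeline stage must start with an allowlisted
    program and carry only plain arguments. Anything unrecognised,
    including interpreters such as bash, fails closed."""
    try:
        tokens = tokenize(cmd)
    except ValueError:
        return False
    stages, current = [], []
    for tok in tokens:
        if tok in SEPARATORS:
            stages.append(current)
            current = []
        else:
            current.append(tok)
    stages.append(current)
    return bool(tokens) and all(
        stage and stage[0] in ALLOWLIST and all(SAFE_ARG.match(a) for a in stage[1:])
        for stage in stages
    )
```

Even the allowlist only limits which command strings reach the shell; an allowlisted program can still be pointed at the wrong files, so it complements rather than replaces sandboxing and file-deletion controls.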