6 September 2025
Coinbase’s AI Tool Cursor Vulnerable to New ‘CopyPasta’ Exploit
A security vulnerability targeting AI coding assistants has been identified, posing risks to companies like Coinbase. Cybersecurity firm HiddenLayer reported that a "CopyPasta License Attack" can embed malicious instructions in developer files.
- The exploit mainly affects Cursor, an AI coding tool used by Coinbase engineers.
- Attackers can insert harmful payloads into files such as LICENSE.txt through hidden markdown comments.
- This method allows the malware to spread automatically when the AI treats the “license” as legitimate.
- Malicious code can create backdoors, exfiltrate data, or manipulate files without user awareness.
- Coinbase CEO Brian Armstrong stated that AI generates up to 40% of the exchange's code.
- AI-assisted coding is primarily focused on non-sensitive areas, with critical systems evolving more slowly.
- The CopyPasta attack differs from previous threats by enabling self-propagation through trusted workflows, increasing its danger.
- Security experts recommend scanning for hidden comments and manually reviewing AI-generated changes.
HiddenLayer emphasizes treating all untrusted data in AI contexts as potentially malicious to prevent further attacks.
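The recommendation above to scan for hidden comments can be automated as a pre-review check. The following is an added example, not code from HiddenLayer, Cursor or Coinbase: it lists every comment that rendered Markdown would hide, so a reviewer sees what an AI assistant would read. The two comment syntaxes covered, the function names and the sample files are assumptions made for illustration.

```python
import re

# Two common ways to hide text from rendered Markdown (assumed coverage, not exhaustive).
HTML_COMMENT = re.compile(r"<!--(.*?)-->", re.DOTALL)
# Link-reference "comments" such as:  [//]: # (text)   or   [comment]: <> (text)
LINK_REF_COMMENT = re.compile(
    r"^[ ]{0,3}\[[^\]]+\]:[ \t]*(?:#|<>)[ \t]+[(\"'](.*?)[)\"'][ \t]*$",
    re.MULTILINE,
)


def find_hidden_comments(text):
    """Return (line_number, kind, body) for every hidden comment, in file order."""
    findings = []
    for kind, pattern in (("html", HTML_COMMENT), ("link-ref", LINK_REF_COMMENT)):
        for m in pattern.finditer(text):
            line = text.count("\n", 0, m.start()) + 1  # 1-based line of comment start
            findings.append((line, kind, m.group(1).strip()))
    return sorted(findings)


def scan_files(files):
    """files maps path -> contents; returns {path: findings} for files with hits."""
    report = {}
    for path, text in files.items():
        hits = find_hidden_comments(text)
        if hits:
            report[path] = hits
    return report


# Constructed sample repository contents (placeholders, not a real payload).
SAMPLE_FILES = {
    "LICENSE.txt": "MIT License\n\n<!-- constructed placeholder:\n"
                   "text addressed to an AI assistant -->\n"
                   "Permission is hereby granted...\n",
    "README.md": "# Demo\n\n[//]: # (constructed placeholder: hidden note)\n"
                 "Visible text.\n",
    "NOTICE.md": "Nothing hidden here.\n",
}

if __name__ == "__main__":
    for path, hits in scan_files(SAMPLE_FILES).items():
        for line, kind, body in hits:
            print(f"{path}:{line}: {kind} comment, {len(body)} chars: {body[:60]!r}")
```

Any hit in a license or notice file deserves a manual look, since those files rarely have a reason to carry hidden text.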