BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CopyPasta exploit targets Cursor, risks Coinbase codebases!!

  • HiddenLayer disclosed a new “CopyPasta License Attack” that hides instructions in common project files to trick AI coding assistants.
  • The exploit targets tools like Cursor, which Coinbase said in August was used widely by its engineers.
  • The attack embeds hidden markdown comments in files such as LICENSE.txt so the model will preserve and replicate the instructions across files.
  • Coinbase CEO Brian Armstrong said about 40% of daily code is AI-generated and aims for more than 50% by October.
  • Researchers warn organizations to scan for hidden comments and treat all untrusted inputs to large language models as potentially malicious.

Cybersecurity firm HiddenLayer disclosed Thursday that attackers can use a method called a “CopyPasta License Attack” to insert hidden instructions into common developer files and trick AI coding assistants into spreading them across a codebase. The attack relies on AI tools treating certain files as authoritative and preserving their contents when modifying code.

- Advertisement -

The disclosure showed the technique primarily affects tools like Cursor, which Coinbase said in August was among the AI tools used by its engineers. Brian Armstrong wrote on Twitter that “~40% of daily code written at Coinbase is AI-generated. I want to get it to >50% by October.” He added AI work is concentrated in user interfaces and non-sensitive backends, with “complex and system-critical systems” adopting more slowly.

HiddenLayer’s report described embedding malicious payloads inside hidden markdown comments in files such as LICENSE.txt so the assistant treats those comments as license instructions and preserves them when editing. Hidden markdown comments are pieces of text in files that are not normally visible in rendered documentation; prompt injection is when input manipulates an AI model into following hidden instructions.

Researchers demonstrated how Cursor could be tricked into adding backdoors, siphoning sensitive data, or running resource-draining commands. HiddenLayer said, “Injected code could stage a backdoor, silently exfiltrate sensitive data or manipulate critical files.” The payloads can evade standard Malware detection because they appear as harmless documentation.

The technique broadens earlier worm concepts such as Morris II; IBM has written about those prior email-agent attacks here. HiddenLayer warned, “All untrusted data entering LLM contexts should be treated as potentially malicious.”

- Advertisement -

Security teams now urge scanning files for hidden comments and manually reviewing all AI-generated changes. (CoinDesk has reached out to Coinbase for comment.)

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

WordPress core hit by zero-click RCE bug, patch now live

WordPress patched a pre-authentication remote code execution flaw in versions 6.9.5 and 7.0.2 on...

ECB: Stablecoin growth puts European bank deposits at risk

ECB board member Piero Cipollone warned Friday that stablecoin growth could strip European banks...

Tesla Launches Megacharger Network with Bloomington Station

Tesla opened a new public Megacharger station in Bloomington, California, calling it the start...

Apple Overtakes Nvidia as World’s Most Valuable Public Company

Apple briefly surpassed NVIDIA as the world’s most valuable publicly traded company, hitting an...

Galaxy Digital buys naming rights to Texas Tech stadium in 15-year deal

Galaxy Digital signed a 15-year naming rights deal with Texas Tech, renaming the football...

Must Read

Buy Domain With Bitcoin: Top 8 Domain Registrars That Accept Bitcoin And Crypto

You are here because you want to buy a domain with bitcoin, right? If you are looking for domain registrars that accept bitcoin or...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading