Coinbase’s AI coding tool could be exploited through a backdoor

The Coinbase CEO may have strong-armed his company to use AI tools Cursor but according to Cybersecurity platform HiddenLayer that move could put the exchange at ￰0￱ developers’ most favored AI coding assistant has been found vulnerable to a cyberattack that can implant hidden malware and compromise the entire organization according to a new report from cybersecurity company ￰1￱ a blog published late Thursday

HiddenLayer wrote the attack exposes weaknesses in Cursor’s code editor through an exploit known as a “CopyPasta License Attack,” a method that seems harmless on the outside but embeds malicious instructions into common developer ￰2￱ discovers CopyPasta attack Cursor provides intelligent autocomplete automated code suggestions and real-time error detection to help developers simplify ￰3￱ in Auto-Run mode

where the software can execute commands automatically the researchers discovered a flaw that bypasses protections meant to prevent unsafe instructions from running without ￰4￱ propounded that the CopyPasta attack takes advantage of system prompts within Cursor that is imperative to software licensing ￰5￱ mimics licensing text like GPL agreements and then disguises itself as a README markdown ￰6￱ Attack tricking Cursor into inserting arbitrary code:) September 3 2025 Armstrong has been one of Silicon Valley’s most vocal supporters of integrating AI into corporate ￰7￱ his insistence that engineers adopt AI coding tools does not sit well with some community ￰8￱ seen where it ￰9￱ in Cryptopolitan Research and reach crypto’s sharpest investors and builders.