A new exploit targeting AI coding assistants has raised alarms across the developer community, opening companies such as crypto exchange Coinbase to the risk of potential attacks if extensive safeguards aren’t in place.

Cybersecurity firm HiddenLayer disclosed Thursday that attackers can weaponize a so-called “CopyPasta License Attack” to inject hidden instructions into common developer files.

The exploit primarily affects Cursor, an AI-powered coding tool that Coinbase engineers said in August was among the team’s AI tools. Cursor is said to have been used by “every Coinbase engineer.”

How the attack works

The technique takes advantage of how AI coding assistants treat licensing files as authoritative instructions. By embedding malicious payloads in hidden markdown comments within files such as LICENSE.txt, the exploit convinces the model that these instructions must be preserved and replicated across every file it touches.

Once the AI accepts the “license” as legitimate, it automatically propagates the injected code into new or edited files, sprea

Go to Source to See Full Article
Author: Shaurya Malwa