A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.

Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command ...

An inherent insecurity in the increasingly popular artificial intelligence (AI)-powered developer environment Cursor allows attackers to take over its browser to deliver credential-stealing attacks.

The hyperscalers were quick to support AI agents and the Model Context Protocol. Use these official MCP servers from the major cloud providers to automate your cloud operations.