TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8643

@thehackernews

The Hacker News

Views9,900Post view count
PostedMar 2003/20/2026, 03:46 PM
Post content

Post content

CursorJack abuses cursor:// links to trigger arbitrary command execution via MCP installs with executable configs. One click plus user approval can run local commands or link to a malicious server. 🔗 Deep link abuse flow, MCP risk, and PoC details → https://thehackernews.com/2026/03/threatsday-bulletin-fortigate-raas.html#deep-link-abuse-enables-command-execution