Cursor on Windows can execute a malicious root-level git.exe
Source headline: Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
Intelligence Summary
A Cursor flaw on Windows allows a project folder to trigger code execution automatically. If a repository’s root contains a file named git.exe, Cursor runs it when you open the project. The executed binary runs with your user context, accessing your local environment such as files and credentials. Cursor can keep re-running the binary as long as the project remains open, without any prompt or warning. Users should avoid opening untrusted repositories in Cursor on Windows and remove/scan unexpected git.exe files in project roots.
Recommended Action
Prioritize immediate review, validate exposure, and patch or mitigate affected systems.