CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

Why No-Code Doesn’t Mean No Vulnerabilities

Applications built by citizen developers using no-code platforms expand the attack surface without the same checks and balances as traditional development.