Coinbase’s Go-To AI Coding Tool Found Vulnerable to ‘CopyPasta’ Exploit

A new exploit targeting AI coding assistants has raised alarms across the developer community, opening companies such as crypto exchange Coinbase to the risk of potential attacks if extensive safeguards aren’t in place.

Cybersecurity firm HiddenLayer disclosed Thursday that attackers can weaponize a so-called “CopyPasta License Attack” to inject hidden instructions into common developer files.

The exploit primarily affects Cursor, an AI-powered coding tool that Coinbase engineers said in August was among the team's AI tools. Cursor is said to have been used by “every Coinbase engineer.”

How the attack works

The technique takes advantage of how AI coding assistants treat licensing files as authoritative instructions. By embedding malicious payloads in hidden markdown comments within fil

See Full Page

107

Interests (0)

Settings

Coinbase’s Go-To AI Coding Tool Found Vulnerable to ‘CopyPasta’ Exploit

Joe Biden's Massive Bandage Sparks Health Concerns

Melania Trump wears Max Mara suit for White House AI meeting

Berkeley Bans 'Radical Mennonite Lady' From Speaking on Campus

Steve Sarkisian’s Texas Reportedly Set to Make Major Coaching Addition After Enforcing Damage Control Mode Texas is not only gearing up for its Week 2 battle, but the HC is also focused on securing el

Former CDC official calls Sen. Rand Paul a ‘bigoted bully’ in response to criticism

‘How Can Anyone Think He Is Ok?’’: Awkward Moment Caught on Camera as Melania Steps In to Help Trump, Leaving Fans More Worried About His Health

Trump to unveil Department of War as global tensions rise

US immigration news: Trump admin. plans to deport Kilmar Abrego Garcia, deported to El Salvador initially, to Eswatini, Africa

Charlie Sheen Is Open to Love Again, but ‘Probably Not Marriage’ (Exclusive)

Adam Back Joins Fight for the Soul of Bitcoin Over 'JPEG Spam'

Belarus Seeks to Cement Role as Crypto ‘Digital Haven,’ President Lukashenko Says

'If They Can Do it to Sun, Who's Next?' Say Insiders as WLFI Claims Freeze Was to 'Protect Users'

'This is not a hoax': Epstein survivors speak out demanding files be released

Trump to Sign Order Renaming Defense Department to 'Department of War'

YouTube sisters share $1 meals to help families survive soaring food prices

Court Allows Florida's Alligator Alcatraz to Remain Open

Key Points from RFK Jr.'s Senate Hearing on CDC and Vaccines

2 United Airlines planes collide on runway at California airport, damaging wing of one

RFK Jr. Faces Senate Scrutiny Over Vaccine Policies

Powerball jackpot jumps to $1.7 billion after another night without a big winner

Justice Department Investigates Federal Reserve Governor Lisa Cook

Trump's 'pro-business, pro-innovation' agenda hailed by tech leaders at White House dinner: 'Very refreshing change'