Skip to content

Let's Data ScienceLEARN • BUILD • STAY AHEAD

News
Blog
Code Problems
Pricing
Contact

© 2026 Let's Data Science

Advertise|Terms|Privacy||Image Rights

NewsCursor Deeplinks Enable MCP Server Installation Abuse

Analysismcpdeeplinkscursorsecurity

Cursor Deeplinks Enable MCP Server Installation Abuse

|March 17, 2026

8.3

Relevance Score

Cursor Deeplinks Enable MCP Server Installation Abuse — Photo: proofpoint.com · rights & takedowns

Proofpoint Threat Research on January 19, 2026, reports that Cursor’s cursor:// Model Context Protocol (MCP) deeplink mechanism can be abused (CursorJack) to install malicious MCP servers or execute arbitrary commands when a user clicks a deeplink and accepts the installation prompt. In tests a single click plus user approval executed attacker commands (including a Meterpreter stager), potentially enabling credential theft and lateral movement; defenders should enforce EDR, URL-handler policies, and strict install verification.

Scoring Rationale

High technical credibility and actionable PoC, limited to Cursor-specific deeplink configurations and user-approval context.

Newsletter·Weekly · Free

Weekly AI News

A 5-minute Monday brief on AI & data science. Curated, no fluff.

Email address

No spam. Privacy.

Practice interview problems based on real data

1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems

More AI & Data Science News

OpenAI Posts $5.7B Q1 Revenue, Leads Anthropic

OpenAI Posts $5.7B Q1 Revenue, Leads Anthropic

Lee Discusses Korea Labor Policy with ILO Chief

Lee Discusses Korea Labor Policy with ILO Chief

Hackers Use Hugging Face to Deliver npm Malware

Hackers Use Hugging Face to Deliver npm Malware

LLMs.txt Guides AI Discoverability and GEO Signals

LLMs.txt Guides AI Discoverability and GEO Signals

Back to News Feed

News on Let's Data Science is compiled from multiple public sources with editorial oversight. See our Editorial Standards and Corrections Policy.