CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...
Dark Reading

ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack

An innovative prompt injection attacker can steal your data using nothing but a browser extension. Browser security vendor LayerX published research today dedicated to an attack it discovered that ...