Blog
research findings (2)

research findings (2)

How MCP Hijacked a Cursor’s Internal Browser

by Dor Munis

MCP Hijacking of Cursor’s New Browser

We walk through how Cursor’s new browser could be compromised via JavaScript injection. Unlike VS Code, Cursor does not perform integrity checks on Cu...

13 November 2025

research findings

by Knostic Team

Deep Dive: Cursor Code Injection Runtime Attacks

A JavaScript injection attack on Cursor, facilitated by a malicious extension, can take over the IDE...

by Knostic Team

Detecting GlassWorm with YARA Rules

We’ve published YARA signatures to detect GlassWorm, a self-propagating worm first reported by Koi S...

by Knostic Team

Zero Width Unicode Characters: the Risks you Can't See

Developers read what they see, but not everything in code is visible. Zero-width Unicode characters,...

How to Spot and Analyze Malicious VS Code Extensions

by Knostic Team

Primer: How to Spot and Analyze Malicious VS Code Extensions

Practical methods to identify, inspect, and defend against compromised IDE extensions that turn deve...

Malicious VS Code Extensions Still Live on OpenVSX

by Knostic Team

Open Marketplaces: The Good, the Bad, and The Dangerous

Compromised extensions remain public even after exposure, showing how open marketplaces can be abuse...

by Knostic Team

New Malware, New Problems for IDEs and AI Coding Agents

A new malware campaign shows how vulnerable IDEs and AI coding agents have become as part of today’s...

by Shayell Aharon

99% of Publicly Shared AI Chats are Safe, New Study Finds

A new analysis by Knostic shows that public AI use is overwhelmingly safe, and mostly about learning...

by Knostic Team

Prompt||GTFO Season 1 AI Security Conversations

If you've been wondering what happens when cybersecurity professionals stop theorizing about AI thre...

by Shayell Aharon

GPT-5 “Retry” Behavior and Cross-Session Context Contamination

In AI security, small interface features can sometimes surface unexpected behaviors. Our research te...

The Source Looked Clean. The Binary Wasn't.

OpenAnt: Read the LLM Vulnerability Paper

Revoking Your Token Won't Save You: The VS Code Attack That Installs a Permanent GitHub Backdoor

Knostic Featured Across Three Categories in CSA's Agentic AI Security Innovator Market Map

Knostic Research Team Blog

Browse Blog Categories

research findings (2)

MCP Hijacking of Cursor’s New Browser

Deep Dive: Cursor Code Injection Runtime Attacks

Detecting GlassWorm with YARA Rules

Zero Width Unicode Characters: the Risks you Can't See

Primer: How to Spot and Analyze Malicious VS Code Extensions

Open Marketplaces: The Good, the Bad, and The Dangerous

New Malware, New Problems for IDEs and AI Coding Agents

99% of Publicly Shared AI Chats are Safe, New Study Finds

Prompt||GTFO Season 1 AI Security Conversations

GPT-5 “Retry” Behavior and Cross-Session Context Contamination

Schedule a demo to see what Knostic can do for you

Become Our Partner

Free Tools

Industry Solutions

Policies and Legal

Resources

Departments

Roles

Become Our Partner

Knostic Research Team Blog

Browse Blog Categories

research findings (2)

Read other posts

Schedule a demo to see what Knostic can do for you

Become Our Partner

Free Tools

Industry Solutions

Policies and Legal

Resources

Departments

Roles

STAY AHEAD IN AI RISK & COMPLIANCE

EXPLORE KNOSTIC

Free Tools

Solutions by Department

Solutions by Role

Solutions by Industry

Resources

COMPANY

Become Our Partner