A newly disclosed flaw in the Cursor extension allows repositories to automatically execute code when a folder is opened, even without a developer’s consent. The issue stems from the extension’s ...