Today in AI
Thursday, July 2, 2026
Today in AI: Prompt Injection RCE in Cursor IDE, Visual Bypass Techniques, AI-Generated Malware — July 2, 2026
5
links
-
1cybersecuritynews.comCato AI Labs disclosed two critical RCE flaws in Cursor IDE (CVE-2026-50548, CVE-2026-50549, CVSS 9.8) collectively named DuneSlide that allow attackers to break sandbox isolation via prompt injection, affecting a widely-adopted AI code editor used by Fortune 500 developers. Developers using Cursor for AI-assisted coding face zero-click remote code execution risk; sandboxed execution is no longer a reliable security boundary.
-
2www.prnewswire.comDeepKeep disclosed InkJect, a visual prompt injection class that hides malicious instructions in image metadata to bypass model guardrails across leading multimodal systems. Teams deploying vision-language models must now treat image inputs as untrusted user-controlled code, not safety-filtered text alone.
-
3thehackernews.comA fully functional ransomware sample (deepseek_python_20260125_da0631.py) uploaded to VirusTotal demonstrates AI-generated malware exploiting Chromium APIs across desktop and mobile platforms. The ease of generating functional cross-platform malware via LLMs signals a shift in attacker tooling maturity and payload accessibility.
-
4thehackernews.comAcademic research confirmed machine learning models cannot reliably distinguish authorized from unauthorized input, leaving them persistently vulnerable to prompt injection attacks at scale. Defenders face a fundamental limitation: no model-native solution exists to filter adversarial prompts reliably.
-
5thehackernews.comA 2026 survey ranked self-mutating malware (55.9%), public LLM data leakage (53.5%), and AI-driven evasion techniques (52.5%) as high or extreme risks, yet organizations lack detection and mitigation playbooks. Enterprise security teams must rebuild incident response workflows to handle AI-assisted attacks and data exfiltration at LLM inference scale.