HiddenLayer, a cybersecurity firm, has raised a large yellow flag over Cursor, the AI programming tool that is becoming popular among Coinbase engineers, and has identified a new “CopyPasta License Attack” virus.
This attack vector exploits a vulnerability that enables hostile code to be injected into a standard developer file, such as LICENSE.txt or README.md, which can then silently propagate throughout an organization’s code repositories, HiddenLayer reported.
The virus disguises its payload as a necessary license file (repositories are expected to carry licenses), which makes it insidious: AI programming models can unknowingly be steered into potentially harmful coding practices.
If HiddenLayer is correct, this lingering risk is not to be taken lightly, since these types of injections can exfiltrate sensitive data, open back doors, and impact production systems, and may be insidious enough to remain in the repositories for some time before detection, if at all.
Multiple AI Tools Shown Vulnerable to CopyPasta Attack
While Cursor has drawn most of the attention because of how heavily the development team at Coinbase uses it, HiddenLayer confirmed that other AI coding platforms, including Windsurf, Kiro, and Aider, are likely vulnerable as well.
In their experiments, the researchers demonstrated the mode of infection: Cursor accessed a repository containing the infected README file, and the hidden commands were automatically copied into new files that Cursor created.

This mechanism could, the firm warned, be adapted for far more nefarious activities, including resource-draining code that could cripple systems and the staging of sophisticated cyberattacks.
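A defender-side check for the propagation described above, added here as an example and not taken from HiddenLayer's report or any vendor tooling: it flags the same hidden block recurring across files in a repository. It assumes the hidden text is carried in HTML comments, which this article does not specify; the function names and sample contents are hypothetical and constructed.

```python
import hashlib
import re
from collections import defaultdict

# Assumption: hidden text sits in HTML comments, which Markdown renderers do not display.
HIDDEN_BLOCK = re.compile(r"<!--(.*?)-->", re.DOTALL)
MIN_LEN = 40  # ignore short, ordinary comments such as "<!-- TODO -->"


def hidden_blocks(text):
    """Return whitespace-normalised bodies of HTML comments long enough to matter."""
    bodies = (" ".join(m.split()) for m in HIDDEN_BLOCK.findall(text))
    return [b for b in bodies if len(b) >= MIN_LEN]


def replicated_hidden_blocks(files):
    """Map digest -> sorted paths for hidden blocks present in two or more files."""
    seen = defaultdict(set)
    for path, text in files.items():
        for body in hidden_blocks(text):
            # Hash the normalised body so re-wrapped copies still match.
            digest = hashlib.sha256(body.encode("utf-8")).hexdigest()[:16]
            seen[digest].add(path)
    return {d: sorted(p) for d, p in seen.items() if len(p) >= 2}


# Constructed sample repository contents (placeholder text, not a real payload).
PLACEHOLDER = (
    "<!-- PLACEHOLDER: hidden note addressed to a coding assistant,\n"
    "     constructed for this example only -->"
)
SAMPLE_REPO = {
    "README.md": "# Project\n\nSetup notes.\n" + PLACEHOLDER + "\n",
    "docs/new_module.md": "# New module\n" + PLACEHOLDER.replace("\n     ", " ") + "\n",
    "LICENSE.txt": "MIT License\n<!-- SPDX: MIT -->\n",
    "CHANGELOG.md": "# Changes\n<!-- TODO -->\n",
}

if __name__ == "__main__":
    for digest, paths in replicated_hidden_blocks(SAMPLE_REPO).items():
        print(f"hidden block {digest} repeated in: {', '.join(paths)}")
```

A hit is a prompt for manual review of the listed files, since a legitimate template can also repeat a comment across documents.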
With Coinbase publicly revealing that all of its engineers had adopted Cursor earlier this year, the current findings raise questions about whether heavy use of AI poses new vulnerabilities for the exchange at a critical time.
Backlash Over Coinbase’s Push for AI-Driven Development
The report arrives just days after controversial comments from Coinbase CEO Brian Armstrong, who stated that AI now writes 40% of the company's code, with the aim of increasing that to 50% as quickly as possible.
Critics like Carnegie Mellon professor Jonathan Aldrich and decentralized exchange founder Larry Lyu described the direction here as “insane” and a “giant red flag” for a business with security-sensitive applications.
Warnings from industry voices indicate that while AI presents a powerful and usable resource, putting quotas on AI adoption exposes Coinbase to unnecessary risk, especially considering its role as a major crypto asset custodian.
In addition, observers like Ashwath Balakrishnan from Delphi Consulting questioned the priorities of the company, commenting that Coinbase should be focused on fixing code, eliminating bugs, and launching new features, rather than pursuing performative AI quotas.
Armstrong’s Strict AI Policy Faces New Scrutiny Amid Leadership Changes
Adding to the controversy, Armstrong sacked engineers who were unwilling to leverage AI tools, such as Cursor and GitHub Copilot, after Coinbase bought an organization-wide license, UnoCrypto reported.
In disbelief over the pushback, Armstrong gave engineers a one-week grace period for onboarding with Cursor.
Those developers who failed to get on board with the AI tools were later let go from the company. For his part, Armstrong said the move was heavy-handed but necessary.
While Armstrong contends that all AI work is handled appropriately, particularly in front-end applications and back-end systems that are less material to client security, the CopyPasta revelations renew fears that the company is pursuing speed to the detriment of safety.
While Coinbase has a newly appointed Chief Marketing Officer, Catherine Ferdon, it is unclear if leadership plans to reconsider the company’s strategy regarding artificial intelligence.

