CopyPasta License Attack Targets Coinbase’s Cursor AI Assistant

HiddenLayer discovered a new CopyPasta License Attack that embeds malicious prompt injections in project files like LICENSE.txt and README.md. When AI coding assistants—such as Coinbase’s preferred tool, Cursor—process these files, they treat harmful payloads as valid license text and replicate malicious instructions across codebases. Similar vulnerabilities were also found in other AI tools like Windsurf, Kiro, and Aider. This exploit can introduce stealth backdoors, exfiltrate sensitive data, and trigger resource-intensive operations without developer oversight. With about 40% of Coinbase’s code now AI-generated and a goal of 50% by October, the risk of widespread compromise grows. This CopyPasta License Attack highlights the need to scan for hidden comments, manually review AI-generated changes, and treat every input to coding assistants as untrusted to mitigate prompt-based attacks on crypto platforms.