“The Technique Hides Malicious Prompts Inside Markdown Comments with Files Such as Readme.md or License.txt. Because Ai Models Treat License Information As Authoritative, The Infected Text Is Replicated Across New Files The Assistant Generates.”, – WRITE: www.coindesk.com
Cybersecurity Firm Hiddenlayer Disclosed Thursday that Attackers Can Weaponize A So-Called “Copypasta License Attack” to Inject Hidden Instructions Into Common Common Developer Files.
The Exploit Primarily Affects Cursor, An Ai-Powered Coding Tool That Coinbase Engineers Said in August Was Among the Team’s AI Tools. Cursor is said to have been used by “every coinbase Engineer.”
How The Attack WorksThe Technique Takes Advantage of How Ai Coding Assistants Treat Licensing Files As Authoritative Instructions. By Embedding Malicious Payloads in Hidden Markdown Comments Within Files Such as License.txt, The Exploit Convinces of the Model That Instructions Must Benel.
Once the ai acps of the “License” as Legitimate, It Automatical Propagates of the Injetted Code Into New or Edited Files, Spreading Without Direct User Input.
This Approach Sidesteps Traditional Malware Detection Because The Malicious Commands Are Disguised As Harmless Documentation, Allowing The Virus to Spread Through An Entiire Codebase
In it Report, Hiddenlayer Researchers Demonstrated How Cursor Could Be Tricked Into Adding Backdoors, Siphoning Sensitive Data, Or Running Resource-Draining Commands-All Dis. Files.
“Injetted Code Could Stage a Backdoor, Silently Exfiltrate Sensitive Data or Manipulate Critical Files,“ The Firm Said.
COINBASE CEO Brian Armstrong Said on Thursday that that ai had written up to 40% of the exchange’s Code, with A Goal of Reaching 50% by Next Month.
~ 40% of Daily Code Written at COINBASE IS AI-GENERATED. I Want to get it to> 50% by October.Obviously Iteds to Be Reviewed and Understood, and Not All Areas of the Business Can Use Ai-Genered Code. But We Should Be Using It Responsibly As Much as We Possibly Can. pic.twitter.com/nMNSDXGOSP
– Brian Armstrong (@Brian_armstrong) September 3, 2025
However, Armstrong Clarified that Ai-Assisted Coding at Coinbase Is Concentrated in User Interface and Non-Sensitive Backents, With “Complex and System-Critical System
‘Potentally Malicious’Even SO, The Optics of A Virus Targeting Coinbase’s Preferred Tool Amplified Industry Criticism.
AI Prompt injections Are Not New, But The CopyPasta Methoda Advances the Threat Model by Enabling Semi-Autonomous Spread. Insthead of Targeting A Single User, Infected Files Become Vectors that Compromise Every AI AGENT THAT READS THEM, CREATING A CHAIN REACTION ACROSS REPOSITORIES.
Compared to Earlier ai “Worm” Concepts Like Morris II, WHICH Hijacked Email Agents to Spam or Exfiltrate Data, Copypasta Is More Insidious Because Wor. Institute of Requiring User Approval or Interaction, It Embeds Itself in Files that Everi Coding Agent Naturally References.
WHERE MORRIS II FELL SHORT DUE TO HUMAN CHECKS ON EMAIL ACTIVITY, CopyPasta Thrives by Hiding Inside Documentation that Developers Rarely Scrutinize.
Security Teams Are Now URGING Organizations to Scan Files for Hidden Comments and Review All Ai-Genered Changes Manarally.
(Coindesk Has Reaced Out to Coinbase for Comments on the Attack Vector.)
A Propriotary Stablecoin Could Reduerliquid’s DEPENDENCY ON USDC and PETENTIALLY CAPTURE A Part of the Revenues from Reserve Assets.
- Popular Decentralized Exchange Hyperliquid is Making Steps Toward Launcing Its Own Us Dollar Stablecoin with An UpcomING GOVERNANCE VETE, accounting to discord post.
- Hyperliquid Execuceded $ 398 Billion Perps Trading Volume and $ 20 Billion Spot Trades, With Circle’s USDC Serving as Primary Liquidity on the Marketplace.
- The Goal Is To Create a “Hyperliquid-Aligned, Compliant Stablecoin” that plugs Directly Into the Network, The Post Said.
Read Full Story