New Virus Can Exploit Coinbase’s Favorite AI Coding Tool

A beginling discovery about cybersecurity has shaken up the tech and crypto industries. The “CopyPasta License Attack” can now take advantage of Cursor, the AI-powered writing tool that Coinbase’s engineering Team uses a lot. Hackers might exploit this flaw to secretly insert malware into codebases, thereby compromising the security of AI-driven development.

What The CopyPasta License Attack Is

, a cybersecurity company, found the CopyPasta License Attack. It modifies the Cursor’s code editor by inserting malicious instructions into developer files that appear harmless, such as LICENSE.txt and README.md. 

The virus tricks the AI into spreading harmful code across a codebase with little effort by pretending that the payload is a vital licensing file. This attack bypasses restrictions, notably in Cursor’s Auto-Run mode, where commands run automatically without permission. This is a large security concern for organizations.

How Much Coinbase Relies on AI Coding

Coinbase, one of the largest cryptocurrency platforms, is utilizing AI to accelerate its development process. , the CEO, recently stated that AI generates 40% of the company’s daily code. By October 2025, they aim to increase this number to more than 50%. 

Most Coinbase programmers use Cursor to drive this push, especially for front-end interfaces and backends that are less sensitive to changes. Armstrong’s order to have engineers use AI tools, even if it meant laying them off, has been criticized for prioritizing speed over security.

Backlash and Worries About securety

The CopyPasta vulnerability has sparked anger among users regarding Coinbase’s AI strategy. , the inventor of Dango, and other experts termed it a “giant red flag” for firms that care about security. 

Jonathan Aldrich, a professor at Carnegie Mellon, called requiring AI to be used at certain levels “crazy,” saying it may make systems less secure. Critics, including BTCer Alex Pilař, that Coinbase, a prominent cryptocurrency custodian, should prioritize robust security over extensive use.

What This Means For AI-Driven Development

Coinbase claims that AI-generated code is checked and not utilized in critical systems, but the CopyPasta hack reveals that AI coding tools have more significant issues. Other assistants, such as Windsurf, Kiro, and Aider, are also at risk, which highlights a larger hardy. 

This incident underscores the importance of having robust security measures in place to prevent malware from infiltrating development pipelines, particularly as companies like Microsoft and increasingly utilize AI to automate code writing.

The CopyPasta License Attack demonstrates how AI can be both beneficial and detrimental in software development. Cursor and other tools can assist you get more done, but they can make your system more vulnerable. will need to find a way to balance security and innovation to maintain people’s trust as it navigates this evolving threat scenario.