:

CURSOR iOS APP FORCES PRIVACY SETTING CHANGES

SECURITY DESK1 MIN READ
TUE, JUN 30, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Installing Cursor's iOS app automatically changes user privacy settings away from the stricter "Do Not Store Code" option to a more permissive mode, according to a user report. The change appears irreversible without manual intervention.

A Cursor user discovered that installing the iOS app switched their account from Privacy Mode (Legacy)—which prevents code storage—to a new Privacy Mode with broader data collection terms. The legacy setting, which had been available for over a year, is now hidden under an "Extra options" menu. The replacement Privacy Mode includes language stating that "code may be stored for Background Agents or Other Features," creating ambiguity around data handling practices. The user, who had deliberately avoided enabling the new privacy mode, reported frustration at the automatic switch. The incident raises questions about Cursor's default configuration practices and whether users are adequately informed of privacy setting changes during app installation. Cursor has not yet publicly responded to the complaint. The issue highlights the importance of reviewing account settings after installing new applications, particularly those handling sensitive code data.

■ SOURCES

Hacker News

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.

JUST NOWSecurity Desk

Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.

JUST NOWAI Desk

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

6H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

6H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.