Security Briefing on NomShub

April 16, 2026 11:00 AM PT
Webinar

AI-assisted development environments are rapidly expanding the attack surface, and NomShub shows how quickly trusted workflows can turn into full system compromise. In this session, we break down a real-world exploit chain in the Cursor IDE, where a developer simply opens a repository and unknowingly triggers indirect prompt injection, a sandbox escape, and a persistent remote tunnel. The result is silent, durable shell access that blends into normal development activity and bypasses traditional security controls.

Join us to learn:

  • How the NomShub attack chain moves from prompt injection to persistent shell access with no explicit user action
  • How sandbox escape and remote tunneling in Cursor enable stealthy, durable access that evades EDR
  • Practical detection and mitigation strategies for securing AI-driven development workflows
