Cursor’s July 29 update shifts to an allowlist model for its auto-run feature following researchers’ findings of denylist bypasses.
