SpaceX Acquires Cursor for $60 Billion: What It Means for Software Security — Pentesty

Back to BlogResearchJun 16, 2026 · 12 min read<br>SpaceX Acquires Cursor for $60 Billion: What It Means for Software Security<br>Published by Pentesty · AI Security · Supply Chain · DevSecOps

Overview<br>Elon Musk's SpaceX announced today the acquisition of Anysphere, the company behind the popular AI coding tool Cursor , in an all-stock deal valued at $60 billion . The announcement came just four days after SpaceX's record-breaking Nasdaq IPO and signals a major consolidation of AI development tools under a single, vertically integrated empire. For cybersecurity professionals, this deal is far more than a business headline: it reshapes the attack surface of modern software development at a global scale.<br>The Deal: What You Need to Know<br>SpaceX and Anysphere signed a merger agreement on Monday, June 16, 2026. The transaction is structured as a full all-stock merger executed through a wholly-owned SpaceX subsidiary called X67 Inc. , which will merge with Anysphere, leaving Cursor as a fully controlled SpaceX subsidiary.<br>The deal is expected to close in the third quarter of 2026 , subject to regulatory approvals and standard closing conditions. Every share of Anysphere common and preferred stock will be exchanged for Class A SpaceX shares, with the conversion ratio determined by the 7-day VWAP of SPCX stock prior to closing. If the deal collapses under certain conditions, including antitrust blockers, SpaceX must pay Anysphere a $10 billion termination fee .<br>How We Got Here<br>Cursor's Explosive Growth<br>Anysphere was founded in 2022 by four MIT graduates: Sualeh Asif, Arvid Lunnemark, Aman Sanger, and Michael Truell . In just three years, Cursor became one of the most widely adopted AI coding environments in the world, surpassing $1 billion in annual recurring revenue by November 2025. Investors including Andreessen Horowitz, Accel, Thrive Capital, Coatue, Google, NVIDIA, and the OpenAI Startup Fund backed the company across its funding rounds.<br>RoundDateRaisedValuationSeries CMay 2025$900M$9.9BSeries DNovember 2025$2.3B$29.3BSpaceX acquisition optionApril 2026N/A$50–60BDefinitive acquisitionJune 2026N/A$60B<br>SpaceX's AI Power Consolidation<br>This acquisition fits a clear pattern. In February 2026, SpaceX merged with xAI — Musk's AI company and creator of the Grok chatbot — in a deal valued at $1.25 trillion , the largest corporate merger in history. That deal combined rocket infrastructure with frontier AI research under one roof.<br>In April 2026, SpaceX secured an option to either acquire Anysphere for $60 billion or pay $10 billion for a narrower partnership. After going public on June 12, 2026, raising $75 billion in the largest IPO ever recorded — surpassing Saudi Aramco's 2019 offering — SpaceX moved immediately to exercise the acquisition option. The stock opened at $135 per share and surged to $150 on its first day of trading, valuing the company at over $2 trillion .<br>Why SpaceX Wants Cursor<br>Developer Behavior Data at Scale<br>Cursor has millions of developers generating daily coding interactions. Those usage logs represent one of the richest datasets of professional programming behavior ever assembled. For training next-generation code models, this is invaluable raw material that no synthetic dataset can replicate.<br>The Colossus Supercomputer<br>SpaceX inherited the Colossus compute cluster from the xAI merger, described as equivalent to 1 million H100 chips in processing capacity. Combining this infrastructure with Cursor's behavioral data gives SpaceX the ability to train highly specialized code models, with reports suggesting an initial focus on a Composer 2.5 model for Cursor.<br>Enterprise AI Market Share<br>The deal positions SpaceX to compete directly with OpenAI, Anthropic, and Microsoft's GitHub Copilot in the enterprise AI tooling market. With xAI and Cursor under the same umbrella, SpaceX becomes a vertically integrated AI stack — from compute infrastructure all the way to the developer's own IDE.<br>Security Implications: The Pentesty Perspective<br>This is where things get serious for security professionals.<br>Cursor Already Has Known Vulnerabilities<br>Before any post-acquisition changes, Cursor carried a documented security history. In September 2025, two critical CVEs were disclosed: CVE-2025-54135 and CVE-2025-54136 , both enabling silent code execution when a developer opens a malicious repository.<br>The attack vector is straightforward. A threat actor publishes a repository with hidden autorun instructions in project configuration files. When a developer opens the project in Cursor, no additional interaction is required. The malicious code executes with the developer's full privileges. This is particularly dangerous because Cursor reads the entire codebase, accesses the file system, and runs terminal commands — all standard IDE behaviors that become weaponizable in this context.<br>A broader audit of AI-generated applications found 69...