Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Briefly

Cybersecurity researchers have identified three malicious npm packages aimed at the macOS version of Cursor, a popular AI-powered code editor. These packages masquerade as developer tools, steal user credentials, and fetch encrypted payloads from threat actor-controlled servers. Once installed, they overwrite Cursor’s main.js file, disable updates, and restart Cursor to execute malicious code. The increasing use of such malicious patches is a growing threat to software supply chains that exploits developers' interest in AI tools; over 3,200 downloads indicate the potential for widespread impact.
"This campaign highlights a growing supply chain threat, with threat actors increasingly using malicious patches to compromise trusted local software," Boychenko said.
"Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure..."
"The libraries, once installed, are designed to harvest user-supplied Cursor credentials and fetch a next-stage payload from a remote server..."
"Aiide-cur" was first published on February 14, 2025. It was uploaded by a user named 'aiide.' The npm library is described as a 'command-line tool for configuring the macOS version of the Cursor editor.'
Read at The Hacker News