Cyber Web Spider Blog – News

Malicious NPM Packages Target Cursor AI’s macOS Users

Posted on May 9, 2025 By CWS

Three malicious NPM packages posing as developer tools for the popular Cursor AI code editor have been caught deploying a backdoor on macOS systems, vulnerability detection firm Socket reports.

Cursor is a proprietary integrated development environment (IDE) that integrates AI features directly within the coding environment. It offers tiered access to LLMs, with premium language models priced per request.

The packages, named sw-cur, sw-cur1, and aiide-cur, claim to provide cheap access to Cursor, exploiting developers’ interest in avoiding paying the fees.

All three packages were published by a threat actor using the NPM usernames gtr2018 and aiide, and have amassed over 3,200 downloads to date.

“As of this writing, these packages remain live on the NPM registry. We’ve formally petitioned for their removal,” Socket warns.

Upon execution, a malicious script contained in these packages harvests user credentials, fetches a payload from a remote server, and decrypts and decompresses it.

It also replaces Cursor code with malicious code supplied by the attacker, and restarts the application to obtain persistent remote execution capabilities within the IDE.

Furthermore, the vulnerability detection firm noticed that sw-cur would disable Cursor’s auto-update mechanism, likely to prevent removal.

“The attack specifically targets macOS installations of this application by modifying internal files such as main.js under the /Applications/Cursor.app/… path. The malware uses the editor’s trusted runtime to execute threat actor-controlled code and maintain persistence,” Socket notes.

All three packages use the same credential exfiltration, payload retrieval, decryption, and file-patching routines, although they use different hardcoded domains.

The attack, Socket warns, could lead not only to credential and code theft, or additional malware infections, but also to unauthorized access to paid services and any codebase opened within the IDE.

“In enterprise environments or open source projects, the risks multiply. A trojanized IDE on a developer’s machine can leak proprietary source code, introduce malicious dependencies into builds, or serve as a foothold for lateral movement within CI/CD pipelines,” Socket notes.

Cursor users who downloaded any of these packages are advised to restore Cursor from a trusted source, rotate credentials, and audit their code for potential unauthorized modifications.
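For the audit step, one way to check a parsed package-lock.json (lockfile versions 1 to 3) for the three packages named above, including an install placed under an npm alias. This is an added example, not code from Socket or the original report; the sample lockfile, its project name and its version numbers are constructed.

```javascript
// Added example. Package names are from the article; the lockfile and versions are constructed.
const FLAGGED = new Set(['sw-cur', 'sw-cur1', 'aiide-cur']);

// "node_modules/a/node_modules/@s/b" -> "@s/b"; the root entry "" -> null.
function nameFromPath(key) {
  const i = key.lastIndexOf('node_modules/');
  return i === -1 ? null : key.slice(i + 'node_modules/'.length);
}

// Registry tarball URLs have the form <registry>/<name>/-/<file>.tgz, which
// exposes the real package name even when it was installed under an alias.
function nameFromResolved(url) {
  const m = /^https?:\/\/[^/]+\/((?:@[^/]+\/)?[^/]+)\/-\//.exec(url || '');
  return m ? decodeURIComponent(m[1]) : null;
}

function findFlagged(lock) {
  const hits = new Map(); // "name@version" -> { name, version, locations }
  const record = (names, version = 'unknown', where) => {
    for (const name of new Set(names)) {
      if (!name || !FLAGGED.has(name)) continue;
      const id = `${name}@${version}`;
      if (!hits.has(id)) hits.set(id, { name, version, locations: [] });
      hits.get(id).locations.push(where);
    }
  };
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    record([meta.name, nameFromPath(key), nameFromResolved(meta.resolved)], meta.version, key);
  }
  // lockfileVersion 1: nested "dependencies" tree, walked recursively.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = [...trail, name];
      record([name, nameFromResolved(meta.resolved)], meta.version, path.join(' > '));
      walk(meta.dependencies, path);
    }
  };
  walk(lock.dependencies, []);
  return [...hits.values()];
}

// Constructed sample: a direct install, an aliased install, and a clean package.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/left-pad': { version: '1.3.0', resolved: 'https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz' },
  'node_modules/aiide-cur': { version: '0.0.0', resolved: 'https://registry.npmjs.org/aiide-cur/-/aiide-cur-0.0.0.tgz' },
  'node_modules/editor-helper': { name: 'sw-cur', version: '0.0.0', resolved: 'https://registry.npmjs.org/sw-cur/-/sw-cur-0.0.0.tgz' },
} };
console.log(findFlagged(SAMPLE_LOCK));
```

A hit in a lockfile means the package was resolved for that project; the restore and credential-rotation steps above still apply to any machine where it was installed.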
