Malicious npm packages posing as Cursor AI developer tools were found installing a backdoor on macOS systems, giving the attackers remote access to the machine and enabling data theft. The campaign combines credential harvesting, code injection into the Cursor application itself, and persistent remote control of the IDE environment. (Affected: Cursor AI users on macOS)
Key points:
- The packages sw-cur, sw-cur1, and aiide-cur prey on developer interest in Cursor AI, a code editor with integrated AI features, by posing as tools that offer access to it.
- They were published under the npm usernames gtr2018 and aiide and together have over 3,200 downloads.
- Upon execution, the malware harvests the user's credentials, downloads and decrypts a malicious payload, and injects that code into Cursor's own application files.
- It then disables Cursor's auto-update feature so that an update cannot overwrite the tampered files, and the modified core application files on macOS give it persistence.
- Because the attack modifies internal Cursor files, attacker-controlled code runs whenever the IDE does, risking credential theft, further malware installation, and unauthorized access.
- A compromised IDE of this kind can leak proprietary source code, inject malicious dependencies into the projects it edits, and serve as a foothold for lateral movement within enterprise environments.
- Users are advised to uninstall these packages, reinstall Cursor from a trusted source (removing the npm packages alone does not undo the changes made to Cursor's application files), rotate any credentials entered into or stored on the affected machine, and review their code for unauthorized modifications.
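As an added example (not code from the article or from the researchers it cites), the following POSIX shell script performs the first two triage steps above on a developer machine: it searches a project for references to the three package names in package.json, package-lock.json, yarn.lock and node_modules, and it verifies the code signature of the installed Cursor bundle. The second check assumes Cursor is installed as a signed application bundle at /Applications/Cursor.app; because the malware modifies files inside that bundle, a tampered install should fail `codesign --verify`. The function names and the exit-status convention are this editor's choices.

```shell
#!/bin/sh
# Added example, not code from the article: triage checks for the malicious
# sw-cur / sw-cur1 / aiide-cur npm packages on a macOS developer machine.
# Assumption (not stated on the page): Cursor is installed as a signed bundle
# at /Applications/Cursor.app; pass another path to check_cursor_bundle if not.

SUSPECT_PKGS="sw-cur sw-cur1 aiide-cur"   # package names reported in the article

# Print the suspect package names referenced by a project directory: keys in
# package.json, package-lock.json or yarn.lock, or directories already unpacked
# under node_modules. Returns 1 if anything was found (so it can gate a CI job),
# 0 if the project is clean.
find_suspect_packages() {
  dir="${1:-.}"
  names=""
  for name in $SUSPECT_PKGS; do
    hit=0
    # package.json and lockfile v2/v3 both reference the package as a quoted key:
    #   "sw-cur": "^1.0.0"   or   "node_modules/sw-cur": { ... }
    # The closing quote keeps sw-cur from also matching sw-cur1.
    for f in "$dir/package.json" "$dir/package-lock.json"; do
      [ -f "$f" ] && grep -qE "\"(node_modules/)?$name\"" "$f" && hit=1
    done
    # yarn.lock entries start with:  sw-cur@^1.0.0:
    [ -f "$dir/yarn.lock" ] && grep -qE "^\"?$name@" "$dir/yarn.lock" && hit=1
    # Already unpacked on disk, whatever the manifests say.
    [ -d "$dir/node_modules/$name" ] && hit=1
    [ "$hit" -eq 1 ] && names="$names $name"
  done
  names="${names# }"
  printf '%s\n' "$names"
  if [ -n "$names" ]; then
    return 1
  fi
  return 0
}

# Verify the installed Cursor bundle. macOS seals the files inside a signed
# bundle, so the modified application files this malware leaves behind make
# `codesign --verify` fail even though the app still launches.
# Returns 0 if verified, 1 if tampered or unsigned, 2 if the check cannot run
# (not macOS, or no bundle at that path).
check_cursor_bundle() {
  app="${1:-/Applications/Cursor.app}"
  if ! command -v codesign >/dev/null 2>&1; then
    echo "SKIP: codesign not available; run this on the macOS host"
    return 2
  fi
  if [ ! -d "$app" ]; then
    echo "SKIP: no application bundle at $app"
    return 2
  fi
  if codesign --verify --deep --strict "$app" >/dev/null 2>&1; then
    echo "OK: $app passes code-signature verification"
    return 0
  fi
  echo "WARNING: $app fails code-signature verification; delete it and reinstall from the official download"
  return 1
}

# Usage on the affected machine (the two checks behind the advice above):
#   find_suspect_packages ~/projects/myapp && echo "project clean"
#   npm ls -g sw-cur sw-cur1 aiide-cur        # global installs; needs npm
#   check_cursor_bundle
```

Run `find_suspect_packages` over every checkout on the machine, not just the current one, and treat a non-zero `check_cursor_bundle` result as a reason to reinstall Cursor and rotate credentials rather than as something to repair in place: the article's point is that the npm packages are only the delivery vehicle, and the modified application files are what keep the attacker's code running.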
Read More: https://www.securityweek.com/malicious-npm-packages-target-cursor-ais-macos-users/