Malicious NPM Packages Target Cursor AI’s macOS Users

Three malicious NPM packages posing as developer tools for the popular Cursor AI code editor were caught deploying a backdoor on macOS systems, vulnerability detection firm Socket reports.

Cursor is a proprietary integrated development environment (IDE) that integrates AI features directly within the coding environment. It offers tiered access to LLMs, with premium language models priced per request.

The packages, named sw‑cur, sw‑cur1, and aiide-cur, claim to provide cheap access to Cursor, exploiting the developers’ interest in avoiding paying the fees.

All three packages were published by a threat actor using the NPM usernames gtr2018 and aiide, and have amassed over 3,200 downloads to date.

“As of this writing, these packages remain live on the NPM registry. We have formally petitioned for their removal,” Socket warns.

Upon execution, a malicious script contained by these packages harvests user credentials, fetches a payload from a remote server and decrypts ...