Supply chain attack targets macOS Cursor users with malicious npm packages

Researchers have identified three malicious npm packages targeting the macOS version of the artificial intelligence-assisted code editor Cursor as part of a broader software supply chain campaign, according to The Hacker News.

The packages, identified as sw-cur, sw-cur1, and aiide-cur, masquerade as developer utilities promoting low-cost access to the Cursor API. Once installed, the packages steal user credentials and retrieve an encrypted second-stage payload from attacker-controlled domains. This payload modifies Cursors main.js file, disables its update mechanism, and relaunches the application with persistent, malicious code. The attack grants unauthorized remote access, potentially exposing sensitive tokens, credentials, and network access permissions. With over 3,200 downloads, the packages represent a growing tactic wherein threat actors deploy npm modules that alter existing trusted software on a developers system, even maintaining persistence after removal. The campaign is believed to exploit developers interest in AI tooling and cost-saving incentives. In a related discovery, two other npm packages, pumptoolforvolumeandcomment and debugdogs, were found stealing cryptocurrency keys and trading data from BullX platform users via macOS systems. These packages use obfuscated payloads and Telegram bots for data exfiltration.