Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Updated on May 9, 2025

Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor.
“Disguised as developer tools offering ‘the cheapest Cursor API,’ these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor’s…

Read the rest of the story at Read More

Source: The Hacker News

December 29, 2024 Uncategorized

16 Chrome Extensions Hacked, Exposing Ov...

December 18, 2024 Uncategorized

ONLY Cynet Delivers 100% Protection and ...

January 22, 2025 Uncategorized

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Related posts

16 Chrome Extensions Hacked, Exposing Ov...

ONLY Cynet Delivers 100% Protection and ...

Hackers Exploit Zero-Day in cnPilot Rout...

Leave a Comment Cancel reply

Recent News

Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection

Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data

BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation

OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities

Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials

Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business

Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials

Beyond Vulnerability Management – Can You CVE What I CVE?

Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell