Malicious npm packages infect 3,200+ Cursor users with backdoor, steal credentials
09 May 2025Red LakshmananAttack of supply chain / malicious software

Cybersecurity researchers have flagged three malicious npm packages designed to target the Apple macOS version of Cursor, a popular source code editor.

"Disguised as developer tools offering 'the cheapest Cursor API', these packages steal users' credentials and fetch an encrypted payload from threat actor-controlled infrastructure," the researchers noted.

The packages in question are listed below:

All three packages are still available for download from the npm registry. "AIIDE-CU" was first published on February 14, 2025, by a user called "AIIDE". The npm library is described as a "command-line tool for the Cursor editor on macOS".


The other two packages, according to the software supply chain security firm, were published a day earlier under the pseudonym gtr2018. In total, the three packages have been downloaded more than 3,200 times to date.

Once installed, the libraries are designed to harvest Cursor credentials and fetch a next-stage payload from a remote server ("t.sw2031(.)ce" or "api.aiide(.)xyz"), which is then used to replace legitimate Cursor code with malicious logic.

"SW-C" also takes the step of disabling Cursor's auto-update mechanism and terminating all Cursor processes. The npm packages then restart the application so that the patched code takes effect, giving the threat actor the ability to execute arbitrary code in the context of the platform.

"This campaign highlights the growing threat of malicious patches being used to compromise trusted local software," the researcher said.

The lure here is that the attackers are trying to capitalise on developers' interest in AI, as well as on those looking for cheaper access to AI models.

"The threat actor's use of the phrase 'the cheapest Cursor API' is likely aimed at this group, promising users a bargain while quietly deploying a backdoor," the researcher added.

The disclosure comes as Socket discovered two more npm packages, pumptoolforvolumendcomment and debugdogs, that deliver a payload which siphons cryptocurrency keys, wallet files and trading data related to a crypto platform called BullX on macOS systems. The harvested data is exfiltrated to a Telegram bot.

While "pumptoolforvolumendcomment" has been downloaded 625 times, "debugdogs" has received only 119 downloads since the two were published to npm in September 2024 by "Olumidey".

"debugdogs simply invokes pumptoolforvolumendcomment, making it a convenient secondary infection vector," security researcher Kush Pande said. "This 'wrapper' pattern doubles down on the main attack, facilitating its spread under several names without changing the malicious code."


"This highly targeted attack can empty your wallets and expose sensitive credentials and trading data in seconds."

npm package "rand-user-agent" compromised in supply chain attack

The disclosure also follows a report from Aikido about a supply chain attack that compromised the legitimate package "rand-user-agent" to introduce code that conceals a remote access trojan (RAT). Versions 2.0.83, 2.0.84 and 1.0.110 were identified as malicious.

The recently released versions, according to security researcher Charlie Eriksen, are designed to establish communication with an external server in order to receive commands that allow it to change the current working directory, download files and execute shell commands. The compromise was discovered on May 5, 2025.

At the time of writing, the npm package has been marked as deprecated, and the associated GitHub repository is also unavailable, redirecting users to a 404 page.

It is currently unclear how the npm package was compromised to make the unauthorized modifications. Users who have upgraded to 2.0.83, 2.0.84 or 1.0.110 are advised to downgrade to the last safe version, released seven months ago (2.0.82). However, downgrading does not remove the malicious software from the system.
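A defender-side check for the downgrade advice above, written as an added example rather than code from the article, Socket or Aikido: it scans an npm package-lock.json (lockfile versions 1, 2 and 3) for the package names and versions the article reports, including transitive copies nested under other dependencies. The lookup table and the sample lockfile are constructed here, and the two Socket-reported package names are spelled as the article gives them.

```python
"""Scan an npm package-lock.json for the compromised packages the article names."""
import json

# Lookup built from the article: name -> set of malicious versions, or None
# when every published version is malicious. Socket-reported names are spelled
# as the article gives them.
MALICIOUS = {
    "rand-user-agent": {"2.0.83", "2.0.84", "1.0.110"},
    "debugdogs": None,
    "pumptoolforvolumendcomment": None,
}

def _walk_v1(deps):
    """Yield (name, version) from a lockfileVersion 1 'dependencies' tree."""
    for name, meta in (deps or {}).items():
        yield name, meta.get("version")
        yield from _walk_v1(meta.get("dependencies"))  # nested copies

def installed_packages(lock):
    """Yield (name, version) for every package recorded in the lockfile."""
    packages = lock.get("packages")
    if packages is not None:  # lockfileVersion 2 or 3: flat path -> metadata
        for path, meta in packages.items():
            if path:  # "" is the root project itself, not a dependency
                yield path.rsplit("node_modules/", 1)[-1], meta.get("version")
    else:  # lockfileVersion 1 keeps a nested "dependencies" tree
        yield from _walk_v1(lock.get("dependencies"))

def find_compromised(lock_text):
    """Return a sorted list of (name, version) entries matching MALICIOUS."""
    hits = set()
    for name, version in installed_packages(json.loads(lock_text)):
        bad_versions = MALICIOUS.get(name, set())
        if bad_versions is None or version in bad_versions:
            hits.add((name, version))
    return sorted(hits)

# Constructed sample lockfile (not a real project): one pinned malicious
# rand-user-agent release plus a transitive, nested copy of debugdogs.
SAMPLE_LOCK = json.dumps({
    "name": "demo", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "version": "1.0.0"},
        "node_modules/rand-user-agent": {"version": "2.0.84"},
        "node_modules/left-pad": {"version": "1.3.0"},
        "node_modules/left-pad/node_modules/debugdogs": {"version": "1.0.2"},
    },
})

if __name__ == "__main__":
    for name, version in find_compromised(SAMPLE_LOCK):
        print(f"compromised: {name}@{version}")  # prints both constructed hits
```

A hit on rand-user-agent means the project should be pinned back to 2.0.82 and the host checked separately, since, as the article notes, downgrading alone does not remove anything the RAT already installed.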
