Techly NewsGet the app

Get the latest tech news

Code highlighting extension for Cursor AI used for $500k theft


Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.

It turned out that extension.js was a component of the Solidity Language extension for the Cursor AI IDE, which is based on Visual Studio Code and designed for AI-assisted development. According to the description, the extension offers numerous features to optimize work with Solidity smart contract code, specifically syntax highlighting: Consequently, the ranking is determined by a combination of factors: for example, an extension with a low number of downloads can still appear near the top of search results if that metric is offset by its recency.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Cursor AI

Cursor AI

Photo of Code highlighting

Code highlighting

Photo of 500k theft

500k theft

Related news:

News photo

Anysphere launches a $200-a-month Cursor AI coding subscription

News photo

Cursor AI's Own Support Bot Hallucinated Its Usage Policy

News photo

Cursor AI's own support bot hallucinated its usage policy

« Google to Spend $3 Billion for Hydropower from Brookfield
The JPEG XL Image Coding History, Features, Coding Tools, Design Rationale »