Techly NewsGet the app

Get the latest tech news

Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup


A Snyk security researcher has published malicious NPM packages targeting Cursor, an AI coding startup, in what appears to be a dependency confusion attack. The packages, which collect and transmit system data to an attacker-controlled server, were published under a verified Snyk email address, acco...

A Snyk security researcher has published malicious NPM packages targeting Cursor, an AI coding startup, in what appears to be a dependency confusion attack. The packages, which collect and transmit system data to an attacker-controlled server, were published under a verified Snyk email address, according to security researcher Paul McCarty.The OpenSSF package analysis scanner flagged three packages as malicious, generating advisories MAL-2025-27, MAL-2025-28 and MAL-2025-29. The researcher deployed the packages "cursor-retrieval," "cursor-always-local" and "cursor-shadow-workspace," likely attempting to exploit Cursor's private NPM packages of the same names.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Malicious code

Malicious code

Photo of snyk researcher

snyk researcher

Related news:

News photo

Hackers injected malicious code into several Chrome extensions in recent attack

News photo

Hackers use macOS extended file attributes to hide malicious code

News photo

ByteDance intern fired for planting malicious code in AI models

« The Sikh Practice of Langar, a Free Meal Where Everyone Is Equal
They've only gone and made Doom run in a PDF file »