Snyk Researcher Caught Deploying Malicious Code Targeting AI Startup
Tuesday 14 January 2025, 10:20, by Slashdot
A Snyk security researcher has published malicious NPM packages targeting Cursor, an AI coding startup, in what appears to be a dependency confusion attack. The packages, which collect and transmit system data to an attacker-controlled server, were published under a verified Snyk email address, according to security researcher Paul McCarty.
The OpenSSF package analysis scanner flagged three packages as malicious, generating advisories MAL-2025-27, MAL-2025-28 and MAL-2025-29. The researcher deployed the packages 'cursor-retrieval', 'cursor-always-local' and 'cursor-shadow-workspace', likely attempting to exploit Cursor's private NPM packages of the same names.
https://it.slashdot.org/story/25/01/14/0920245/snyk-researcher-caught-deploying-malicious-code-targe...