Snyk appears to deploy 'malicious' packages targeting Cursor for unknown reason

Developer security company Snyk is at the center of allegations concerning the possible targeting or testing of Cursor, an AI code editor company, using "malicious" packages uploaded to NPM.

Paul McCarty, a security researcher at SourceCodeRed.com, said he made the "strange" finding during a malicious package detection routine. He claimed a user named "sn4k-s3c" had uploaded three packages that were later tagged as malicious and named in a way that seemingly targeted Cursor.

"If you install any of these packages they will collect data about your system and send it to an attacker controlled web service," he claimed.

The cursor-shadow-workspace package, for example, would capture the output of the env command, which dumps the environment variables of the installing process, he said. Secrets commonly held in such variables include GitHub credentials, AWS keys, and npm tokens, McCarty added, so they would be compromised if the package was installed and run.

He went on to say: "Now, typically, when we see packages like this, they are attempting to perform a dependency confusion attack on a specific company. I don't know if Cursor.com has a bug bounty program or a specific background. Still, I would suspect that Cursor has several NPM private packages named 'cursor-always-local,' 'cursor-retrieval,' and 'cursor-shadow-workspace.'"
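The two mechanisms described above, a package that looks like an internal component but resolves from the public registry, and an install-time script that collects the environment, can both be checked for from a project's own manifest and lockfile. The script below is an added example, not code from the article, from Snyk or from Cursor: the package.json and package-lock.json fragments are constructed for illustration, and the `cursor-` naming prefix, the `@acme` scope and the internal registry URL are assumptions. It flags unscoped dependencies that match the internal prefix yet resolve from registry.npmjs.org, lists lockfile entries that carry npm's `hasInstallScript` marker (set when a package declares preinstall/install/postinstall), and emits the .npmrc line that pins a scope to an internal registry so a same-named public package cannot be substituted.

```javascript
// Added example (not from the article, Snyk or Cursor). Audits a manifest
// and lockfile for dependency-confusion candidates and install scripts.
// Names, scope, prefix and internal registry URL are assumptions.

const PUBLIC_REGISTRY = 'https://registry.npmjs.org/';
const INTERNAL_REGISTRY = 'https://npm.internal.example/'; // assumed

// Constructed sample package.json: one genuine public dependency plus
// names that mimic the internal components named in the article.
const packageJson = {
  name: 'editor-build',
  dependencies: {
    express: '^4.19.0',
    'cursor-shadow-workspace': '1.0.2',
    '@acme/cursor-retrieval': '2.1.0',
  },
  devDependencies: {
    'cursor-always-local': '0.3.0',
  },
};

// Constructed package-lock.json (lockfileVersion 3) fragment.
const packageLock = {
  lockfileVersion: 3,
  packages: {
    'node_modules/express': {
      version: '4.19.2',
      resolved: 'https://registry.npmjs.org/express/-/express-4.19.2.tgz',
    },
    'node_modules/cursor-shadow-workspace': {
      version: '1.0.2',
      resolved: 'https://registry.npmjs.org/cursor-shadow-workspace/-/cursor-shadow-workspace-1.0.2.tgz',
      hasInstallScript: true, // npm sets this for preinstall/install/postinstall
    },
    'node_modules/@acme/cursor-retrieval': {
      version: '2.1.0',
      resolved: 'https://npm.internal.example/@acme/cursor-retrieval/-/cursor-retrieval-2.1.0.tgz',
    },
    'node_modules/cursor-always-local': {
      version: '0.3.0',
      resolved: 'https://registry.npmjs.org/cursor-always-local/-/cursor-always-local-0.3.0.tgz',
    },
  },
};

// Every dependency name declared in the manifest, across dependency kinds.
function declaredDependencies(manifest) {
  const kinds = ['dependencies', 'devDependencies', 'optionalDependencies'];
  return kinds.flatMap((k) => Object.keys(manifest[k] || {}));
}

// Dependency-confusion candidates: unscoped names that follow the assumed
// internal naming convention but are resolved from the public registry.
function findConfusionCandidates(manifest, lock, internalPrefix) {
  const findings = [];
  for (const name of declaredDependencies(manifest)) {
    const entry = lock.packages[`node_modules/${name}`];
    const resolved = entry && entry.resolved ? entry.resolved : '';
    const looksInternal = !name.startsWith('@') && name.startsWith(internalPrefix);
    if (looksInternal && resolved.startsWith(PUBLIC_REGISTRY)) {
      findings.push(name);
    }
  }
  return findings.sort();
}

// Packages that will execute code at install time; this is where a
// package can run `env` and post the result to an attacker's server.
function findInstallScripts(lock) {
  return Object.entries(lock.packages)
    .filter(([, entry]) => entry.hasInstallScript === true)
    .map(([path]) => path.replace(/^node_modules\//, ''))
    .sort();
}

// Mitigation: bind a scope to the internal registry in .npmrc so that
// packages under that scope are never fetched from the public registry.
function npmrcForScope(scope, registry) {
  return `${scope}:registry=${registry}\n`;
}

console.log('confusion candidates:', findConfusionCandidates(packageJson, packageLock, 'cursor-'));
console.log('install scripts:', findInstallScripts(packageLock));
console.log('.npmrc line:', npmrcForScope('@acme', INTERNAL_REGISTRY).trim());
```

Against the constructed inputs the audit flags cursor-shadow-workspace and cursor-always-local as confusion candidates and cursor-shadow-workspace as the one package with an install script; the scoped @acme/cursor-retrieval passes because it resolves from the internal registry. In a real project the same checks can be run with `npm query ":attr(scripts, [preinstall], [install], [postinstall])"` and by reading the `resolved` fields of the lockfile, and installing with `--ignore-scripts` denies the install-time hook its chance to run.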

The packages have since been removed from npm, the public JavaScript package registry, but before they were, McCarty claimed the package metadata indicated that an individual using a Snyk.io email address authored them.

The Register asked Snyk and Cursor for additional information. Snyk's UK press team responded saying it was looking into it, and Cursor didn't respond.

Conspiracists have flocked to the forums, however. A Hacker News thread is littered with negative perspectives, highlighting a number of Snyk's past indiscretions.

More sensible takes on the situation aren't as inflammatory. It's very possible there was no foul play involved. npm has a reputation for behaving in unpredictable ways when a public package and a private package share the same name, and others pointed out Snyk may simply have been testing for a dependency confusion weakness with the intention of reporting it to Cursor afterwards.

Arvid Lunnemark, co-founder of Anysphere - the company behind Cursor - however, shed some light on what happened behind the scenes.

He wrote in a Hacker News thread that suggestions it was an error on npm's side could not be correct, because Snyk's packages bore the names of Cursor's bundled extensions, which are not packaged as npm modules or uploaded to any registry.

Lunnemark also told the forum that Cursor didn't hire Snyk to carry out any kind of security audit.

"We did not hire Snyk, but we reached out to them after seeing this and they apologized. We did not get any confirmation of what exactly they were trying to do here," he said in a comment.

Responding on the thread to specific theories that Snyk may have just wanted to raise awareness of a possible dependency confusion vulnerability, he said it was "plausible" despite being a "pretty irresponsible" means of doing so.

Speaking to The Register, McCarty told us: "I confirmed that this definitely came from Snyk, and I talked to the person who published the packages." ®
