Kaspersky recently revealed that multiple VS Code plugins disguised as Solidity programming support were used to attack Cursor development environment users, resulting in a loss of approximately $500,000.00 in crypto assets for a Russian blockchain developer. Attackers used inflated metrics to rank malicious plugins higher than genuine plugins, inducing downloads and then remotely implanting the Quasar backdoor and information stealers to obtain wallet mnemonic phrases and steal coins. [crowdfundinsider]

Kaspersky: Malicious Plugin Targeting Cursor Users Has Led to $500,000 in Stolen Crypto Assets