Malware inside cursor – be careful on Windows computer...

after some research i found out that this malware has already infected a lot of npm packages

what's confusing is that these files were installed inside cursor's own directory

of course i understand cursor itself didn't not install the package

intially i assumed they came from my "asyncapi-preview" extension i installed for cursor

but i also have the same extension in VS Code, and there're no malicious files in tis directory

so my qiestions are

• what's exactly node_modules dir inside cursor's dir used for?
• is there any way to prevent npm modules without from being installed automatically without my explicit approval? or, more generally, what's the recommended way to avoid this kind of issue in the future?