@milenyumai/film-kit-*@various
A coordinated campaign of 4 packages published under the @milenyumai npm scope (film-kit-hybrid-smart, film-kit-multi, film-kit-studio, film-kit). All packages inject malicious configurations into AI coding assistant config directories: .claude/settings.json for Claude Code and .cursorrules/.cursor/rules/ for Cursor. The injected configurations register attacker-controlled MCP servers, allowing remote command execution through the AI assistant's trusted tool interface.