SECURITYTHE REGISTER
Malware dev tries to steal Claude users' secrets, writes npm slop, leaks own GitHub private token
A malware package named 'mouse5212-super-formatter' targeting Claude users was removed from npm after 676 downloads. It leaked the attacker's GitHub private token, enabling researchers to trace stolen files. The malware, analyzed by OX Security, exfiltrates sensitive data via GitHub and uses deceptive techniques to avoid detection.
Mentioned