Skip to content
The Nexus
SECURITYMay 27 · 20:33 UTCTHE REGISTER

Malware dev tries to steal Claude users' secrets, writes npm slop, leaks own GitHub private token

A malware package named 'mouse5212-super-formatter' targeting Claude users was removed from npm after 676 downloads. It leaked the attacker's GitHub private token, enabling researchers to trace stolen files. The malware, analyzed by OX Security, exfiltrates sensitive data via GitHub and uses deceptive techniques to avoid detection.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this