Dossier
mouse5212-super-formatter
Coverage of mouse5212-super-formatter in the Nexus archive.
- Malware dev tries to steal Claude users' secrets, writes npm slop, leaks own GitHub private token
A malware package named 'mouse5212-super-formatter' targeting Claude users was removed from npm after 676 downloads. It leaked the attacker's GitHub private token, enabling researchers to trace stolen files. The malware, analyzed by OX Security, exfiltrates sensitive data via GitHub and uses deceptive techniques to avoid detection.
- Malicious npm Package Stole Files From Claude AI User Directory via GitHub
A malicious npm package named 'mouse5212-super-formatter' was discovered to steal files from Anthropic's Claude AI user directory. Cybersecurity researchers from OX Security identified the package's ability to upload files from a specific directory used by Claude AI, highlighting a security risk for users of the AI tool.