LIVE FEED
mouse5212-super-formatter npm Malware Steals Claude Files

mouse5212-super-formatter npm Malware Steals Claude Files

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.2 The Hacker News

A malicious npm package named 'mouse5212-super-formatter' was discovered exfiltrating files from Anthropic's Claude AI user directory by authenticating to a threat actor-controlled GitHub repository. The package disguised itself as a legitimate archive utility while silently uploading all local workspace files during the postinstall phase. Notably, the attacker's poor operational security — including a leaked GitHub token — suggests AI-generated malware with minimal human oversight, pointing to a growing trend of low-skill threat actors leveraging AI to produce supply chain malware.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.