#anthropic-claude-mntuser-data

[ follow ]
#npm-supply-chain #information-stealing #github-exfiltration #postinstall-malware
Information security
fromThe Hacker News
2 days ago

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

A malicious npm package steals local files from /mnt/user-data and uploads them to an attacker-controlled GitHub repository during postinstall.
[ Load more ]