Claude Code leak used to push infostealer malware on GitHub

A threat actor has weaponized the hype around Anthropic's anticipated 'Claude Code' model by uploading a malicious repository to GitHub. The fake repository, named 'claude-code', falsely claims to contain a leaked, local version of the rumored coding assistant. It has garnered significant attention, amassing over 1,000 stars, demonstrating how effectively AI-related buzz can be exploited for social engineering. The repository's main attraction is a Python script that, instead of providing AI capabilities, executes an information-stealing malware payload.

Security researchers analyzing the code found it is designed to harvest sensitive data from an infected developer's system. The malware specifically targets browser data, including stored cookies, passwords, and autofill information, which could be used to hijack accounts and gain unauthorized access to corporate systems and code repositories. This incident underscores a critical security threat: developers, eager to experiment with the latest AI tools, may lower their guard when encountering what appears to be a coveted leak, making them prime targets for such attacks.

The fake repo's convincing description and the legitimate-seeming setup instructions add to its deceptive credibility. This attack vector is particularly insidious as it preys on the tech community's culture of open-source sharing and rapid experimentation. It serves as a stark reminder that even platforms like GitHub require vigilant scrutiny, as malicious actors continue to find new ways to leverage trending topics—especially in the fast-moving AI space—to distribute malware.