Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Summary

A malicious npm package named 'mouse5212-super-formatter' has been discovered that steals files from the Claude AI user directory. The package is designed to upload sensitive files from the '/mnt/user-data' directory, which is used by Anthropic's AI tool for handling uploads and outputs.

IFF Assessment

FOE

This discovery represents a direct threat to users of the Claude AI tool by compromising their data through a malicious software package.

Defender Context

This incident highlights the ongoing risk posed by supply chain attacks, where malicious code can be injected into legitimate software repositories. Defenders should be vigilant about the packages they use, especially those integrated with cloud AI services, and implement robust code scanning and monitoring practices.
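One way to act on the scanning advice above, as an added example that is not part of the original report: a Node.js check that looks for the named package in a parsed package-lock.json (lockfile v1 and v2/v3, including npm aliases) and flags dependency source text that references '/mnt/user-data'. The function names, the sample lockfile and its version string are constructed for illustration.

```javascript
const FLAGGED = new Set(['mouse5212-super-formatter']); // package name from the report
const FLAGGED_PATH = '/mnt/user-data';                   // directory from the report

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function nameFromKey(key) {
  const i = key.lastIndexOf('node_modules/');
  return i === -1 ? key : key.slice(i + 'node_modules/'.length);
}

// Returns [{name, version, location}] for each flagged install. Reads the
// v2/v3 "packages" map when present, otherwise the nested v1 "dependencies" tree.
function findFlagged(lock, flagged = FLAGGED) {
  const hits = [];
  if (lock.packages) {
    for (const [key, meta] of Object.entries(lock.packages)) {
      if (key === '') continue; // root project entry
      const name = meta.name || nameFromKey(key); // "name" is set for npm aliases
      if (flagged.has(name)) hits.push({ name, version: meta.version, location: key });
    }
    return hits;
  }
  const walk = (deps, trail) => {
    for (const [key, meta] of Object.entries(deps || {})) {
      // v1 records an alias as version "npm:<real-name>@<version>"
      const alias = /^npm:(.+)@[^@]+$/.exec(meta.version || '');
      const name = alias ? alias[1] : key;
      const location = [...trail, key].join(' > ');
      if (flagged.has(name)) hits.push({ name, version: meta.version, location });
      walk(meta.dependencies, [...trail, key]);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Given {filePath: sourceText} for installed dependency files, returns the
// paths whose source mentions the directory the report says was targeted.
function filesReferencingPath(sources, needle = FLAGGED_PATH) {
  return Object.keys(sources).filter((p) => sources[p].includes(needle));
}

// Constructed sample lockfile (not real data): one aliased, nested install.
const SAMPLE_LOCK = {
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/left-pad': { version: '1.3.0' },
    'node_modules/tool/node_modules/fmt': { name: 'mouse5212-super-formatter', version: '0.0.0-placeholder' },
  },
};
```

Pass `findFlagged` the result of `JSON.parse` on a project's package-lock.json; an empty array means the named package is not in the resolved dependency tree.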
