Claude Code has an MCP security problem — and your developers are already using it
Summary
Researchers at Mitiga Labs have identified a security vulnerability in Anthropic's Claude Code AI assistant that allows attackers to steal OAuth bearer tokens. By compromising a developer's machine with a malicious npm package, attackers can redirect Claude Code's authenticated requests to their own infrastructure, gaining access to connected services like Jira, Confluence, and GitHub.
IFF Assessment
This vulnerability allows attackers to easily steal sensitive access tokens, posing a significant risk to organizations relying on AI coding assistants.
Severity
Defender Context
This incident highlights the risks associated with AI coding assistants and their integration with critical development tools and services. Defenders should be aware of how these tools store credentials and be cautious of installing packages from untrusted sources, as a compromise can lead to widespread data exfiltration and unauthorized access.