AI-coded npm infostealer leaks private GitHub token

// 12d agoSECURITY INCIDENT

AI-coded npm infostealer leaks private GitHub token

Ox Security researchers discovered an AI-generated npm package that steals local files from Claude users and uploads them to GitHub. The malware's AI-written code accidentally exposed its own hard-coded private GitHub token, allowing researchers to trace the stolen data.

// ANALYSIS

The barrier to writing malware has dropped to zero, but so has the operational security of the people generating it. The package posed as an archive sync utility to steal files and target Claude users. It achieved 676 downloads before the hard-coded GitHub token exposed the threat actor's repository. Ox Security labeled this new class of low-effort, low-skill attacks as "Malware-Slop". Expect package registries to see a surge of poorly secured, AI-generated malware from unskilled actors.

// TAGS

securityai-codingllmnpmclaudemouse5212-super-formatter

DISCOVERED

12d ago

2026-05-28

PUBLISHED

12d ago

2026-05-28

RELEVANCE

7/ 10

AUTHOR

pcgamer

// KEEP READING

More AI developer news from the feed

EXPLORE FULL FEED

NEWS5m ago

Claude Code Fable 5 triggers billing warnings

Developer Daniel Avila flagged a potential issue in Anthropic's Claude Code CLI when selecting the newly released Claude Fable 5 model, noting that he received billing warnings despite Anthropic's promotion offering free access to the model until June 23, 2026. The issue likely stems from a conflict in how the CLI manages authentication, as the free promotional period is restricted to subscription plan logins (Pro, Max, Team, Enterprise) and does not apply if the tool detects a direct ANTHROPIC_API_KEY environment variable, which bills the user immediately.

TUTORIAL5m ago

Claude Fable tutorial builds MotionSites animated websites

A new twelve-minute tutorial by Viktor Oddy demonstrates how to build animated, award-winning websites using Claude Fable 5. The workflow leverages a library of pre-designed motion prompts from MotionSites to generate frontend components without manual coding.

MODEL7m ago

Claude Fable 5 one-shots playable horror game

BridgeMind highlighted the capabilities of Anthropic's newly released Claude Fable 5 model, sharing a demonstration where it generated a complete playable horror game from a single prompt. The model marks a significant leap in coding benchmarks, scoring 80.3% on SWE-Bench Pro compared to 69.2% for Claude Opus 4.8, reflecting its advanced agentic architecture and autonomous planning abilities.

AI-coded npm infostealer leaks private GitHub token