Claude AI

May 27, 2026

Malicious npm Package Stole Claude AI Files via GitHub

A malicious npm package silently exfiltrated files from Claude AI's user directory and uploaded them to GitHub. Here's how it worked and what to do.