Claude Code leak used to push infostealer malware on GitHub
Summary
Threat actors exploited the March 31 accidental leak of the source code for Claude Code, a terminal-based AI agent from Anthropic, by creating fake GitHub repositories that deliver the Vidar infostealer to users searching for the leaked code. The repositories use search engine optimization to appear in Google results and trick users into downloading a malicious executable that deploys information-stealing and network-proxying tools.
Original source: https://www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/
First tracked: April 2, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 92%