Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

Attackers can steal OAuth tokens (digital keys that grant access to connected services) from Claude Code, an AI system that performs tasks autonomously, through a man-in-the-middle attack (intercepting communication between two parties). The attack involves installing a malicious npm package that modifies Claude Code's configuration file to redirect all traffic through the attacker's infrastructure, allowing them to capture tokens while remaining undetected.