Fake Claude Code Installer Targets Developers With Browser Credential Stealer

Researchers at Ontinue have discovered an undocumented malware campaign targeting developers with fake Claude Code installers to steal browser passwords and cookies...

Exploit for CVE-2026-40271

Lazarus Group: 19-Day A/B Test Campaign Analysis TLP:CLEA...

Malicious Package

Overview chai-async is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package. Once...

Malicious code in pyefflorer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9db59fb1fff1df375feb9a17164f004b62a2d5fa194dcc285341536b6bfb51aa Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in pyowler (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9df2ac0489cd9816fc13f309f73773ae3fc26794b44dd4930ab92a367115899f Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in casino.web (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx feffdfd456f40706d2380c15768e0a8e7449f6c5a2c60d257ef67d5f84d5b6ac Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

Malicious code in pyminor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f4b65ae360c6ccb0733894c0d6db59f44827dad1169ff36141aa391ef89f51a0 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in olymptrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 980d1b05adbe09f084ff3a74bbcdf8e7b12c80d99842d8caf74bb22009af6e38 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Malicious code in binarium-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e6203f8ba86eed8c7eef3531a2e69f72fa4badbcd98e90b291436bf574cb24c7 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Malicious code in gogogolokl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7b050604c15bfdf4e456841a2cbccfb6f6122137aedf82ceae488c2871dfea27 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in pyclack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a5bbfd7bb3c6e08fcaab006836d25519f6f790a3e647e64dd210e0b6f464d490 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

Malicious code in angular-1.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3d45e146db01c8e2d986dd73f9991c083be30195ff986c99817c93e1be410b60 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Malicious code in cxp-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b0e4725a2db5433915386ce19dadd7812b0f44e9afcb7c48d855797cf7a78537 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Malicious code in lib-bb-html-sanitizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 74072bddc9908e0147976fde0680c197ac5b38167bfcdf14afc5f79f23749f72 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Malicious code in digital-marketing-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 902d44e21b6271e6b66059054f16d136d16fdc5172a47797fcfc9eda5a32fa05 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...