{"id":1,"date":"2026-04-04T12:56:07","date_gmt":"2026-04-04T12:56:07","guid":{"rendered":"http:\/\/k337.duckdns.org\/?p=1"},"modified":"2026-04-04T16:26:55","modified_gmt":"2026-04-04T16:26:55","slug":"hello-world","status":"publish","type":"post","link":"https:\/\/k337.duckdns.org\/2026\/hello-world\/1\/","title":{"rendered":"The Claude Code leak was utilized to disseminate infostealer malware on GitHub."},"content":{"rendered":"\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Threat actors are taking advantage of the recent leak of Claude Code’s source code by utilizing counterfeit GitHub repositories to distribute Vidar information-stealing malware. Claude Code is a terminal-based AI agent developed by Anthropic, intended to perform coding tasks directly within the terminal and function as an autonomous agent, capable of interacting directly with systems, managing LLM API calls, integrating with MCP, and maintaining persistent memory. On March 31, Anthropic inadvertently revealed the complete client-side source code of this new tool through a 59.8 MB JavaScript source map that was mistakenly included in the published npm package. The leak comprised 513,000 lines of unobfuscated TypeScript spread across 1,906 files, disclosing the agent\u2019s orchestration logic, permissions, execution systems, concealed features, build specifications, and security-related internals. The exposed code was swiftly downloaded by numerous users and subsequently published on GitHub, where it was forked thousands of times. A report from cloud security firm Zscaler indicates that the leak provided an opportunity for threat actors to deliver the Vidar infostealer to individuals searching for the Claude Code leak. Researchers discovered that a malicious GitHub repository created by the user \u201cidbzoomh\u201d shared a fake leak and promoted it as containing \u201cunlocked enterprise features\u201d with no usage limitations. To attract maximum traffic to the fraudulent leak, the repository is optimized for search engines and appears among the top results on Google Search for queries such as \u201cleaked Claude Code.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Threat actors are taking advantage of the recent leak of Claude Code’s source code by utilizing counterfeit GitHub repositories to distribute Vidar information-stealing malware. Claude Code is a terminal-based AI agent developed by Anthropic, intended to perform coding tasks directly within the terminal and function as an autonomous agent, capable of interacting directly with systems, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-1","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/posts\/1","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/comments?post=1"}],"version-history":[{"count":1,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/posts\/1\/revisions"}],"predecessor-version":[{"id":10,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/posts\/1\/revisions\/10"}],"wp:attachment":[{"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/media?parent=1"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/categories?post=1"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/k337.duckdns.org\/wp-json\/wp\/v2\/tags?post=1"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}