They thought they were downloading Claude Code source. They got a nasty dose of malware instead

A malicious GitHub repository published by idbzoomh uses the Claude Code exposure as a lure to trick people into downloading ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve ...
Crowdfund Insider

Open-Source Software Malware Surging: Endor Labs

Malware in open source software is no longer a fringe threat–it's accelerating at an unprecedented rate. In 2025 alone, more ...
TMCnet

Endor Labs Finds Malware in Open Source Ecosystems Surges 14x in Two Years as Organizations Struggle to Respond

"Most application security programs were built around vulnerability management, not to detect malware in the software supply ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...