Skip to content
When a Seattle-based backend developer — who asked to be identified only by his GitHub handle, dstroud — searched for “Claude Code installation guide” in late March, the top sponsored result on Google looked perfectly legitimate. He clicked, downloaded what appeared to be an installer package, and ran it. Within 90 seconds, an infostealer had harvested his browser session tokens, SSH keys, and cre...
From Accidental Leak to Attack Vector: How Claude Code’s Source Exposure Became a Malware Distribution Pipeline | Huntaegis