A malicious GitHub repository masqueraded as leaked Claude Code source, tricking developers into downloading credential-stealing malware. The repo—discovered by Zscaler's ThreatLabz—included a Rust-based dropper that installed Vidar infostealer and GhostSocks proxy malware. At least one repo accumulated 793 forks and 564 stars before being flagged.
Safety
They thought they were downloading Claude Code source. They got a nasty dose of malware instead
A trojanized fake Claude Code repository lured developers into downloading a Rust-based dropper that installed Vidar infostealer and GhostSocks proxy malware. The repository accumulated 793 forks before detection.
Friday, April 3, 2026 12:00 PM UTC | 2 min read | Source: The Register | By sys://pipeline