Malicious npm Package Steals Files from Claude AI Users
Cybersecurity researchers have discovered a new malicious package in the npm registry that can steal information. The package, named "mouse5212-super-formatter", was identified by OX Security and is designed to upload files from the "/mnt/user-data" directory. This directory is used by Anthropic's Claude AI tool to manage uploads and outputs in the background. The discovery of the package raises serious security concerns, particularly for users of Claude AI. The package exploits vulnerabilities in the npm environment to gain unauthorized access to sensitive data.
Researchers have found that the malware is capable of stealing files without the users' knowledge, posing a significant risk to data security. OX Security has urgently warned Claude AI users to check their systems for the presence of the malicious package. The security firm recommends regularly reviewing all npm packages and immediately removing any suspicious ones. Users should also ensure that their systems are equipped with the latest security updates to prevent potential attacks. The malware has been discovered in several projects hosted on npm.
Researchers have determined that the package can extract files from the user directory and send them to an external server. This type of attack is particularly concerning as it jeopardizes user privacy and potentially exposes confidential information. Anthropic has responded to the discovery, emphasizing that they take the security of their platform seriously. The company is working to close the security gaps and has already taken measures to protect the integrity of user data. Users are encouraged to report suspicious activities and review their security practices.
The vulnerability exploited by the package could also affect other npm packages. Experts warn that similar attacks may increase in the future if appropriate security measures are not taken. The community is urged to remain vigilant and follow best security practices. OX Security has published specific technical details of the attack to help developers protect their systems. Researchers have also recommended considering alternative methods for managing dependencies to minimize the risk of malware infections.
A proactive approach to security is crucial to ensure the integrity of software projects. The discovery of the malicious package has already led to increased attention to security within the npm ecosystem. Developers and companies are aware of the risks and are seeking solutions to protect their applications. The security community is actively working to identify and combat threats. The vulnerability was discovered on May 27, 2026, and researchers have already taken steps to stop the spread of the package. npm users are urged to regularly review their dependencies and ensure they are not using malicious packages.
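One way to carry out the dependency review recommended above is to search a project's lockfile for the package name given in the article. The following is an added example, not code from OX Security, npm or Anthropic; the function names, the sample lockfiles and the placeholder version strings are constructed for illustration.

```javascript
// Added example: find a named package in a parsed package-lock.json.
const TARGET = "mouse5212-super-formatter"; // package name reported in the article

// lockfileVersion 2/3 keys each install by path, e.g.
// "node_modules/a/node_modules/b"; the name follows the last "node_modules/".
function nameFromPath(installPath) {
  const marker = "node_modules/";
  const i = installPath.lastIndexOf(marker);
  return i === -1 ? null : installPath.slice(i + marker.length);
}

function findInLock(lock, target = TARGET) {
  const hits = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      // An aliased install keeps its real package name in meta.name.
      const name = (meta && meta.name) || nameFromPath(path);
      if (name === target) hits.push({ where: path, version: meta?.version ?? null });
    }
    return hits;
  }
  // lockfileVersion 1: installs are nested under "dependencies".
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = [...trail, name];
      if (name === target) hits.push({ where: here.join(" > "), version: meta.version ?? null });
      walk(meta.dependencies, here);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles (versions are placeholders, not real releases).
const sampleLockV3 = { name: "demo-app", lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/example-dep": { version: "1.0.0" },
  "node_modules/example-dep/node_modules/mouse5212-super-formatter": { version: "0.0.0-placeholder" },
  "node_modules/pretty": { name: "mouse5212-super-formatter", version: "0.0.0-placeholder" },
} };
const sampleLockV1 = { lockfileVersion: 1, dependencies: {
  "example-dep": { version: "1.0.0", dependencies: {
    "mouse5212-super-formatter": { version: "0.0.0-placeholder" } } },
} };

console.log(findInLock(sampleLockV3)); // transitive hit and aliased hit
console.log(findInLock(sampleLockV1)); // nested hit in the older format
```

To check a real project, pass the parsed contents of its `package-lock.json` to `findInLock`. A hit means the package was resolved into that project's dependency tree, including as a transitive or aliased dependency that never appears in `package.json`.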