Vibe Coding
Active Malware Campaigns Target 'Claude Code' via Google Ads, Fake Download Sites, and Leaked Source Lures
Multiple concurrent malware campaigns exploit interest in Claude Code: Bitdefender identified Google Ads redirecting to fake documentation pages, BleepingComputer documented a fake site delivering 'Beagle' backdoor malware via trojanized installers, and Trend Micro confirmed threat actors weaponized Anthropic's March 2026 npm source map leak to distribute Vidar, GhostSocks, and PureLog stealers. An r/ClaudeAI user reported falling victim to the top Google search result today. Builders should verify they're downloading from code.claude.com only.
Source
↳ Follow the thread