Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.
The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results