Malware in free-anthropic-claude
The npm package free-anthropic-claude contained malware that could fully compromise any system where it was installed or executed. The advisory recommends treating affected systems as fully compromised and rotating all secrets and keys from a different computer.
- Disclosed
- Last updated
- Blast radius
- Any system with the package installed or running
- Ecosystems
- Attack vectors
- Affected entities
- free-anthropic-claudenpm package containing malware
The npm package free-anthropic-claude was found to contain malware. According to the GitHub Advisory (GHSA-3h58-8ch3-mgp3), any computer with this package installed or running should be considered fully compromised.\n\nThe advisory recommends immediate action: all secrets and keys stored on affected computers should be rotated from a different, uncompromised system. While the package should be removed, the advisory notes that full control of the computer may have been given to an outside entity, meaning removal of the package alone may not eliminate all malicious software that resulted from the installation.\n\nThis represents a critical supply chain attack through a malicious npm package that could grant attackers complete system access.
Indicators of compromise
- Packages
- free-anthropic-claude
Remediation
- Immediately isolate any computer that has installed or run free-anthropic-claude from the network
- Rotate all secrets, API keys, credentials, and sensitive data from a different, uncompromised computer
- Remove the free-anthropic-claude package from all systems
- Perform a full security audit and malware scan on affected systems
- Consider the affected systems as potentially fully compromised and plan for complete reimaging if critical systems are involved
- Review npm package dependencies to ensure no other malicious packages are present
Sources
- GitHub Advisory GHSA-3h58-8ch3-mgp3 · GitHub Advisory Database
Cite this entry
"Malware in free-anthropic-claude." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 22, 2026; last updated June 22, 2026. https://supplychainattack.org/incident/malware-in-free-anthropic-claude-4o1gxy
Suggest a correction
Found an error or have a newer source? Corrections to factual errors take priority over new entries.
Related incidents
- containedcritical
Malware in free-claude
The npm package free-claude contained malware that could fully compromise any system on which it was installed or running. GitHub Security Advisory GHSA-7qpf-5pm7-57rh documents the incident.
npmCompromised package - containedcritical
Malware in node-path-utils
Malware was discovered in the npm package node-path-utils. Systems with this package installed are considered fully compromised and require immediate remediation including secret rotation and package removal.
npmCompromised package - activecritical
Malware in mddriver
The npm package mddriver contains malware that grants full control of affected systems. Any computer with this package installed or running should be considered fully compromised and all secrets and keys rotated immediately from a different machine.
npmCompromised package - containedhigh
Microsoft links Mastra AI supply chain attack to North Korean hackers
Microsoft attributed a Mastra AI supply chain attack that compromised over 140 npm packages to North Korean hacking group Sapphire Sleet (BlueNoroff). The attack targeted the npm ecosystem and AI development infrastructure.
UNC1069npmAI agents & skillsCompromised packageMalicious maintainer