Miasma Worm: How Opening a Repo in Claude Code Became a Credential Theft Vector
A new supply chain attack, dubbed Miasma Worm, has emerged, leveraging configuration files within AI coding tools to steal credentials. Attackers exploit features like session start hooks in tools such as Claude Code and Gemini CLI, as well as agent instructions in Cursor and auto-tasks in VS Code. The attack, attributed to TeamPCP, has already compromised over 100 GitHub repositories by embedding a JavaScript credential harvester that executes automatically when a project is opened in these AI development environments. AI
IMPACT Highlights critical security risks in AI development tools, necessitating immediate patching and heightened vigilance against new supply chain attack vectors.