The Claude Code active attack didn't stop. 294,842 secrets stolen from 6,943 machines. It evolved and now spreads through Python too and uses Claude Code itself to steal your secrets. The risk to your credentials just got bigger.
A sophisticated cyberattack campaign, tracked as UNC6780 or TeamPCP, has evolved to target AI coding tools, including Claude Code. The malware, now named "Hades: The End for the Damned," spreads through Python and manipulates AI assistants by planting malicious instructions in their configuration files. This campaign has already compromised thousands of machines, stolen hundreds of thousands of secrets, and even breached GitHub's internal repositories, with the attackers open-sourcing their methods and offering bounties, leading to widespread adoption and new variants. AI
IMPACT This evolving malware campaign directly targets AI coding assistants, creating a new attack surface that bypasses traditional security measures and potentially compromises sensitive data.