A sophisticated cyberattack campaign, tracked as UNC6780 or TeamPCP, has evolved to target AI coding tools, including Claude Code. The malware, now named "Hades: The End for the Damned," spreads through Python and manipulates AI assistants by planting malicious instructions in their configuration files. This campaign has already compromised thousands of machines, stolen hundreds of thousands of secrets, and even breached GitHub's internal repositories, with the attackers open-sourcing their methods and offering bounties, leading to widespread adoption and new variants. AI
IMPACT This evolving malware campaign directly targets AI coding assistants, creating a new attack surface that bypasses traditional security measures and potentially compromises sensitive data.
RANK_REASON The cluster details a significant evolution in cyberattack methods targeting AI coding tools, posing a widespread security risk. [lever_c_demoted from significant: ic=1 ai=0.8]
- Anthropic
- Claude Code
- Codex
- Copilot
- Cursor
- Gemini
- GitHub
- Hades: The End for the Damned
- Python
- TeamPCP
- UNC6780
AI-generated summary · Google Gemini · from 1 sources. How we write summaries →