Prasenjit(@Star_Knight12):hackers are now hiding malicious code inside .cursorrules and CLAUDE.md files. invisible Unicode characters, your AI reads them, you don't. → 34 malicious packages across npm, PyPI and Crates .io → 384 versions designed to steal SSH keys, crypto wallets, and API tokens → attackers opened real PRs to LangChain, LlamaIndex, and MetaGPT to sneak these files in → your AI runs a fake "security scan" that silently exfiltrates everything Socket detected it in under 6 minutes. check your repos.

2026.05.24 16:28

hackers are now hiding malicious code inside .cursorrules and CLAUDE.md files. invisible Unicode characters, your AI reads them, you don't. → 34 malicious packages across npm, PyPI and Crates .io → 384 versions designed to steal SSH keys, crypto wallets, and API tokens → attackers opened real PRs to LangChain, LlamaIndex, and MetaGPT to sneak these files in → your AI runs a fake "security scan" that silently exfiltrates everything Socket detected it in under 6 minutes. check your repos.