Cybersecurity researchers have discovered a new malicious
package on the npm registry that comes with information stealing
capabilities. According to OX Security, the package, named
"mouse5212-super-formatter," is designed to upload files from
"/mnt/user-data," a dedicated directory used by Anthropic's Claude
artificial intelligence (AI) tool to handle uploads and outputs in
the background. The
Read more https://thehackernews.com/2026/05/malicious-npm-package-stole-files-from.html
