JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
alibaba-dragonwell.json almalinux.json alpine-linux.json amazon-aurora-postgresql.json amazon-cdk.json amazon-corretto.json amazon-documentdb.json ...
These steps install everything at the user level so the agents, skills, and settings are available across all your projects (Claude Code reads from ~/.claude/ on ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results