New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk
Edit Calendar Icon 1 Jun 2026
SafeDep Logo

Claude Code Hook Backdoors

discovered 2026-05-13
JSON CSV

Five npm packages (iceberg-javascript, supabase-javascript, auth-javascript, microsoft-applicationinsights-common, ms-graph-types) that abuse Claude Code hooks to backdoor AI coding sessions.

Objective

Backdoor developer AI coding sessions via Claude Code hooks.

Packages

Indicators

Techniques

Read the full analysis →