claude-cup

MAL-2026-5789

npmmalware6/15/2026

Description

Malicious code in claude-cup (npm)

Indicators of Compromise

SHA256 Hashes (28)

0ca313acbd65472f9bdbffcefdcb5c2c03a6977b2dd2764392b1d13654d7729c

2282038479538bfa79408b52a7aeac3bea79ec98e0c8c73d00fdf4a7e606ed08

2eed29c3a0efc76c4bc1e77d78a589c5082a24947d53c55342b9baf70f8aeed9

323ec4c9b1ded4948c7b5b62bf3894474d7704d6d1ccb87c8d817b38f69771c8

3fe0bffc09deb1975cb6dbe5fdd8ae7722583c843518680872cd7b085e7bbba0

b8da54693746c59447cd7472f1cfc401cab2b81367b0c78e04656a0b22bcb1d8

ca22897cd64a9bc44902b65cc760d02b803fd5a8f3abe5c3c74d35136cf8174d

179fc090ecbff516b2a9a7c3f0504ded136eec723f85fed1fd5d9dd6fa2588ff

2207aef4504b849c5f6dac52fd11737c2af5edd803ea765c9b2080ec5f7dce29

2475cc5c5932e736ecb82592b80a46edb519136d2741774b0745d6f2aab077a9

References (14)

https://www.npmjs.com/package/claude-cup/v/0.7.3OSV https://www.npmjs.com/package/claude-cup/v/0.2.2OSV https://www.npmjs.com/package/claude-cup/v/0.2.4OSV https://www.npmjs.com/package/claude-cup/v/0.4.0OSV https://www.npmjs.com/package/claude-cup/v/0.3.1OSV https://www.npmjs.com/package/claude-cup/v/0.7.6OSV https://www.npmjs.com/package/claude-cup/v/0.7.4OSV https://www.npmjs.com/package/claude-cup/v/0.2.3OSV https://www.npmjs.com/package/claude-cup/v/0.2.0OSV https://www.npmjs.com/package/claude-cup/v/0.7.0OSV https://www.npmjs.com/package/claude-cup/v/0.4.1OSV https://www.npmjs.com/package/claude-cup/v/0.3.0OSV https://www.npmjs.com/package/claude-cup/v/0.7.2OSV https://www.npmjs.com/package/claude-cup/v/0.7.5OSV

Details

Ecosystemnpm

Attack Typemalware

Published6/15/2026

Quick Actions

All Incidents npm Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001