Continued Repercussions: Claude Code's Open-Sourcing Leads to Phishing Attacks Distributing Info-Stealing Malware
5 days ago
Author: Editor

The open-sourcing of Claude Code has continued to capture widespread attention. Owing to a slip-up by Anthropic, the entire front-end source code of Claude Code, totaling 513,000 lines, was inadvertently disclosed. According to a report from a security firm, a hacker known as idbzoomh established a bogus repository on GitHub, falsely asserting that it contained leaked source code capable of "unlocking enterprise functionalities" and optimizing indexing to enhance search rankings. Once users download and execute the provided file, the Vidar information-stealing malware infiltrates their systems and deploys the GhostSocks proxy tool. Vidar is adept at pilfering sensitive data, and the malicious compressed package from this counterfeit repository is regularly updated, suggesting the potential for more attack payloads in the future. Furthermore, a second, similar repository was identified, likely utilized by the same perpetrator to experiment with various propagation techniques.