Fake Claude Code download pages push MSHTA infostealer at developers, researchers warn

Threat actors have started abusing fake “Claude Code” download pages to infect developers and IT professionals with an infostealer. The sites imitate legitimate Anthropic branding and install guidance, then lead victims into launching Windows mshta.exe to execute a remotely hosted HTA payload that steals credentials, browser data, and session tokens. Researchers describe this as a […] The post Fake Claude Code download pages push MSHTA infostealer at developers, researchers warn appeared first on VPN Central.