Claude Code: MCP Security Flaw in Anthropic’s Coding Assistant5. June 2026Anthropic, Claude Code, CybersecurityMalicious npm packages can overwrite Claude Code’s configuration file, steal OAuth tokens from the network, and use them to access all connected enterprise services while audit logs show clean Anthropic IP addresses. Share on: