Claude-Generated Commit Adds PromptMink Malware to Crypto Trading Agent

📅 30 April 2026 at 08:39 UTC📰 Cyber Security NewsView original source ↗

A new threat has quietly taken root in the software development world, using an AI coding assistant as an unknowing participant in a supply chain attack. A malicious npm package campaign called PromptMink surfaced after being introduced into an open-source autonomous crypto trading project through a code commit co-authored by Anthropic’s Claude Opus large language […] The post Claude-Generated Commit Adds PromptMink Malware to Crypto Trading Agent appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A malicious npm package campaign, PromptMink, was introduced into an open-source autonomous crypto trading project through a code commit co-authored by Anthropic's Claude Opus large language model, compromising the integrity of the software.

⚙️Technical Details

Affected Systems

Open-source autonomous crypto trading projects using the affected npm package

Attack Vectors

Supply chain attack via code commit

💥Impact Assessment

Severity: High

Who Is at Risk

Developers and users of open-source autonomous crypto trading projects

🛡️Recommended Actions

1Regularly update and patch affected software

2Monitor for suspicious activity in code commits

3Use secure coding practices to prevent similar attacks

📦Affected Products

Open-source autonomous crypto trading projects using the affected npm package

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed