The exploit is a postinstall hook, so CC users would be unaffected. Claude Code itself is most likely built with bun and not npm, so the CC developers would also be immune.
replyOh right, I just saw https://news.ycombinator.com/item?id=47582220 will update the post with this link
replyWhat version?
reply1.13.6, so should not be affected by the malware
reply