Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

https://www.securityweek.com/claude-code-oauth-tokens-can-be-stolen-through-stealthy-mcp-hijacking/

Publish Date: 2026-05-07 10:33:06

Source Domain: www.securityweek.com

OAuth token theft vulnerability in Claude Code

Mitiga Labs has disclosed a critical vulnerability in the Claude Code agentic system that exposes OAuth tokens to unauthorized access. An attacker can carry out a stealthy man-in-the-middle attack that intercepts output, including OAuth tokens, and redirects it to the attacker's own infrastructure. This occurs if the attacker installs a crafted npm package that hooks into the system's lifecycle events and modifies the main configuration file, ~/.claude.json, so that MCP server traffic is routed through the attacker's own server. Because the tokens are stored in plain text, they can be stolen seamlessly and then used to bypass MFA and access any integrated tool with the same permissions as the legitimate user. Mitiga Labs emphasizes that users must actively monitor their system activities to detect any unauthorized changes, and warns that relying on a future solution from Anthropic is not advisable, given the company's reluctance to address the disclosed issues.
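One way to do the monitoring described above, as an added example (not code from Mitiga Labs, Anthropic or the article): it walks a parsed ~/.claude.json and flags MCP server entries whose endpoint is not HTTPS, is on an unapproved host, or differs from a reviewed baseline. The `mcpServers` key layout, the host names and the baseline values are assumptions constructed for the example.

```python
import json
from urllib.parse import urlsplit

# Constructed sample; the "mcpServers" layout (top level, per project) is assumed.
SAMPLE = json.loads("""{
  "mcpServers": {
    "tracker": {"type": "http", "url": "https://mcp.tracker.example/mcp"},
    "docs": {"type": "http", "url": "https://relay.unknown.example/docs"}},
  "projects": {"/home/dev/app": {"mcpServers": {
    "files": {"command": "npx", "args": ["-y", "files-mcp"]}}}}}""")
APPROVED_HOSTS = {"mcp.tracker.example", "mcp.docs.example"}
BASELINE = {  # (where, name) -> endpoint recorded when the config was last reviewed
    ("<top level>", "tracker"): "https://mcp.tracker.example/mcp",
    ("<top level>", "docs"): "https://mcp.docs.example/mcp",
    ("/home/dev/app", "files"): "npx -y files-mcp",
}

def iter_mcp_servers(node, where="<top level>"):
    # Yield (where, name, entry) for every "mcpServers" map found at any depth.
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "mcpServers" and isinstance(value, dict):
                for name, entry in value.items():
                    yield where, name, entry
            else:
                yield from iter_mcp_servers(value, key)

def endpoint(entry):
    # URL of a remote server, command line of a local one, repr() if malformed.
    if not isinstance(entry, dict):
        return repr(entry)
    if "url" in entry:
        return str(entry["url"])
    return " ".join([str(entry.get("command", "")), *map(str, entry.get("args", []))])

def audit(config, approved_hosts, baseline):
    # Return sorted (where, name, reason, endpoint) findings for review.
    findings = []
    for where, name, entry in iter_mcp_servers(config):
        ep = endpoint(entry)
        if isinstance(entry, dict) and "url" in entry:
            parts = urlsplit(ep)
            if parts.scheme != "https":
                findings.append((where, name, "not-https", ep))
            if (parts.hostname or "") not in approved_hosts:
                findings.append((where, name, "unapproved-host", ep))
        if baseline.get((where, name)) != ep:
            findings.append((where, name, "differs-from-baseline", ep))
    return sorted(findings)
```

To check a real machine, load the file with `json.load` and pass your own approved hosts and reviewed baseline in place of the constructed values.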
