We're continually warned about the prospect of AI-generated malware these days, but there is one important factor working in our favour: sometimes, it's kinda rubbish.

Ox Security researchers have discovered an info-stealing malicious npm package called mouse5212-super-formatter, designed to target Claude users. The nasty little blighter reached 676 downloads before being unmasked, after the apparently AI-coded malware leaked its own GitHub private token (via The Registry).

The researchers say the infostealer posed as an internal "archive deployment sync utility", but in reality, it "authenticates to GitHub (using an environment token or a hard-coded fallback), checks whether a target repository exists, creates it if needed, then recursively walks a local directory and uploads every file through the GitHub Contents API."

The malware then stores stolen files under a random per-run folder name, while also writing a fake network connections log to make "execution look like…
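The combination the researchers describe (a GitHub token with a hard-coded fallback, a directory walk, and uploads through the Contents API) leaves a static footprint that can be checked for when reviewing a dependency. The following is an added example, not code from the article or from Ox Security; the rule names, sample source strings and placeholder token are constructed for illustration.

```javascript
// Heuristic rules: an id plus a regex run over a package's JavaScript source.
const RULES = [
  // GitHub token formats: ghp_/gho_/ghu_/ghs_/ghr_ and fine-grained github_pat_.
  { id: "hardcoded-github-token",
    re: /\b(?:gh[pousr]_[A-Za-z0-9]{36,}|github_pat_[A-Za-z0-9_]{22,})\b/ },
  // Token read from the environment with a string literal as fallback.
  { id: "env-token-with-fallback",
    re: /process\.env\.\w*TOKEN\w*\s*(?:\|\||\?\?)\s*["'`]/i },
  // GitHub Contents API path (/repos/{owner}/{repo}/contents/), including
  // paths assembled by concatenation or template literals.
  { id: "github-contents-api", re: /\/repos\/[\s\S]{0,200}?\/contents\// },
  // Directory enumeration via fs.readdir / fs.readdirSync.
  { id: "directory-walk", re: /\breaddir(?:Sync)?\s*\(/ },
];

// Return the ids of every rule that matches the source text.
function scanSource(source) {
  return RULES.filter((r) => r.re.test(source)).map((r) => r.id);
}

// Flag only the combination: a credential AND a tree walk AND Contents API use.
// Any single hit (e.g. readdirSync in a real formatter) is not enough.
function assess(source) {
  const hits = new Set(scanSource(source));
  const hasCredential =
    hits.has("hardcoded-github-token") || hits.has("env-token-with-fallback");
  const uploadsTree =
    hits.has("github-contents-api") && hits.has("directory-walk");
  return { hits: [...hits], flag: hasCredential && uploadsTree };
}

// Constructed sample inputs (not taken from the real package).
const FAKE_TOKEN = "ghp_" + "X".repeat(36); // placeholder, not a real token
const SUSPICIOUS = [
  'const token = process.env.GITHUB_TOKEN || "' + FAKE_TOKEN + '";',
  "for (const f of fs.readdirSync(dir)) queue.push(f);",
  'const url = "https://api.github.com/repos/" + owner + "/" + repo + "/contents/" + p;',
].join("\n");
const BENIGN = [
  'const files = fs.readdirSync("./src");',
  'const out = format(fs.readFileSync(files[0], "utf8"));',
].join("\n");

console.log(assess(SUSPICIOUS)); // all four rules hit, flag: true
console.log(assess(BENIGN));     // only directory-walk, flag: false
```

A flag here is a triage signal for manual review of the package, not proof of malice; legitimate deployment tools can match the same rules.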