I tried Claude Cowork on my Gmail inbox after Gemini choked - and it saved me hours of work ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.