Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...

In order to spread Vidar information-stealing malware, threat actors are taking advantage of the recent Claude Code source ...