Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
Lynnwood Times

Anthropic leaks source code for its AI coding agent Claude

Anthropic accidentally exposed roughly 512,000 lines of proprietary TypeScript source code for its AI-powered coding agent ...