A simple human mistake has revealed all 500,000+ lines of code that make up Claude Code. How big a deal is that, really?

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

'This is unironically a malware nuclear missile.' ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

How AI has suddenly become much more useful to open-source developers ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...