Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Anthropic’s Claude Code Source Leaked

Anthropic has leaked the full source code for Claude Code via an npm update, revealing unreleased features like autonomous ...

Claude Code leak explained: What Anthropic accidentally revealed

Anthropic accidentally leaked key details of its AI tool Claude Code.

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Claude Code source code leak: Did Anthropic just expose its AI secrets, hidden models, and undercover coding strategy to the world?

Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...
Analytics India Magazine

Claude Code Leak Was a ‘Manual Error’, and ‘No one Was Fired’

Boris Cherny, the creator and Head of Claude Code at Anthropic, has confirmed that there was a leak of the company’s internal ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Two malicious Axios npm releases have prompted warnings for developers to rotate credentials and treat affected systems as ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

H33 Launches HICS for Free: The First Trust-less Software Scoring Tool with Post Quantum Cryptographic Proof

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...