IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Just-released Version 1.113 of Microsoft’s Visual Studio Code editor emphasizes improvements ranging from chat customizations ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

In order to spread Vidar information-stealing malware, threat actors are taking advantage of the recent Claude Code source ...

And more useful than I thought.

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...