Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest [email protected] now pulls ...