A file containing part of the source code appears to have been leaked with the recent Claude Code 2.1.88 update.

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

'This is unironically a malware nuclear missile.' ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

SQRIL, the world’s first crossborder scan-to-pay QR code infrastructure for emerging markets, today announced its expansion into Thailand and Cambodia. This milestone makes ...