Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in a supply chain attack. ShinyHunters leaked the data.
Dark Reading

Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit

Hard on the heels of a broad supply chain attack that impacted the Aqua Security-maintained Trivy open source security-scanner project, Checkmarx on Tuesday disclosed that attackers had compromised a ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP ...
Bleeping Computer

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. While Anthropic pledges support to the ...
Opinion

Project Glasswing and open source software: The good, the bad, and the ugly

While Anthropic claims its Claude Opus 4.6 can barely find zero-days, Mythos Preview can pop up working exploits 72.4 percent of the time. It's a good thing Anthropic has limited its use for now; if ...

Fake QR codes make for easy scams – be careful what you scan out there

QR codes are so familiar and widespread, we tend to trust them without question. That’s exactly what scammers rely on.
TechSpot

AI can clone open-source software in minutes, and that's a problem

Why it matters: Artificial intelligence is forcing a reckoning within the open-source community. The technology's ability to replicate software at scale is blurring the line between innovation and ...
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code. An Anthropic employee accidentally exposed the entire ...
TechSpot

Anthropic accidentally exposed Claude Code source, raising security concerns

What we know so far: Anthropic is facing renewed scrutiny from the AI and security communities after internal source code for Claude Code – its fast-growing agentic development environment – was ...

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as part of an ongoing supply chain hacking spree, and more.