InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Security researcher Chaofan Shou discovered on March 31 that Anthropic's Claude Code CLI tool had its full TypeScript source code sitting in plain sight on the public ...
TechCrunch

North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

A North Korean cyberattack that last Monday briefly hijacked one of the most widely used open source projects on the web took weeks to carry out as part of a long-running campaign to target the code’s ...
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...
CNET

Anthropic Accidentally Exposes Source Code for Claude Code

Steven Musil is a senior news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around ...
The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence (AI) coding assistant, Claude Code, had been inadvertently released due to a ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly ...
winbuzzer.com

Anthropic Leaks Claude Code Source via Npm Source Map

A packaging error revealed Anthropic’s entire Claude Code codebase, spanning nearly 1,900 TypeScript files and over 512,000 lines of code, after a source map file ...
Bleeping Computer

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. While Anthropic pledges support to the ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just getting started. I am loath to inform you that the first month of 2026 has ...
InfoQ

NPM Ecosystem Suffers Two AI-Enabled Credential Stealing Supply Chain Attacks

The Node Package Manager (npm) ecosystem has suffered from two major supply chain attacks in recent months, affecting hundreds of packages and exposing developers to credential theft and data ...