InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
Silicon Canals

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open ...

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Cyber Daily

Code red: North Korean hackers behind compromised Axios npm package

Experts have pinned the attack on “one of npm’s most depended-on packages” on hackers backed by the Democratic People’s ...
Cybernews

North Korean hackers behind axios critical supply chain attack, Google says

According to Google researchers, a North Korean group tracked as UNC1069 has previously targeted cryptocurrency and ...

Claude Code source code leak: Did Anthropic reveal its secret AI models? What it means for ...

Claude Code Source Code Leak Anthropic: Analysts believe the leak could impact the company’s reputation, especially as it is ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
Analytics Insight

Axios Supply Chain Attack Exposes Crypto Wallets to Hidden Malware Risk

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer ...