Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
WinBuzzer

Claude Code Source Leak Exposes Anti-Distillation Traps

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

U.S. says Ottawa failing to block imports made with forced labour

Canada pledged to the U.S. that it would ban imports of products made with forced labour as part of negotiations that led to ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
InfoWorld

Claude Code AI tool getting auto mode

Anthropic is fitting its Claude Code AI-powered coding assistant with an auto mode for the Claude AI assistant to handle ...