The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...

Mac users running OpenAI's desktop applications must update immediately or risk losing access after May 8. The company issued ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...