Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...
The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
Anthropic has been scrambling to contain a self-inflicted mess after it accidentally leaked a treasure trove of internal code ...
Over 500,000 lines of Claude Code source code leaked via a bad npm package—and now several unannounced features are now ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
5h
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...
ChatGPT, Gemini and other AI assistants have a massive blind spot that hidden commands on websites can use to hijack your ...
Anthropic inadvertently released internal source code behind its popular AI-powered Claude coding assistant, raising ...
Chief among these features is Kairos, a persistent daemon that can operate in the background even when the Claude Code ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results