A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...
Daily Tech News Show

Popular JavaScript Package Axios Gets Compromised – DTNS 5237

Meta adds two new Ray-Ban frames meant to make them more prescription-lens friendly, and Samsung’s new app plays ultra-low frequencies into most earbuds to help reduce motion sickness. Starring ...
Decrypt

Anthropic Accidentally Leaked Claude Code's Source—The Internet Is Keeping It Forever

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Claude Code leak explained: What Anthropic accidentally revealed

Anthropic appears to have accidentally revealed how one of its most important AI products works. A large internal file linked ...
PCMag UK

Hacker Tries to Spread Malware to Millions by Hitting 'Axios NPM' Software

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

Why the axios supply chain attack should have Apple worried

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...

Claude Code source code leak: Did Anthropic just expose its AI secrets, hidden models, and undercover coding strategy to the world?

Claude Code, Anthropics top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...