SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Morning Overview on MSN

Suspected North Korean hackers compromise widely used US software

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software development, by hijacking a maintainer’s npm account and publishing tainted ...

ENFORCEAUTH IDENTIFIES AUTHORIZATION FAILURES AS ROOT CAUSE OF ANTHROPIC’S THREE SECURITY INCIDENTS IN FIVE DAYS

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Anthropic says its leak-focused DMCA effort unintentionally hit legit GitHub forks

“The repo named in the notice was part of a fork network connected to our own public Claude Code repo, so the takedown ...

Anthropic’s Claude Code Update Leaks Source Code, Reveals Always-on Agent and Memory Optimisation: Report

A file containing part of the source code appears to have been leaked with the recent Claude Code 2.1.88 update.

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

Anthropic's Boris Cherny, creator of $2.5 billion coding tool, makes a ‘clarification’ on Claude Code leak: ‘It's never an individual's fault, it’s the…’

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

Sigrid Jin woke up to chaos and shipped "Claw Code" by breakfast. Here's everything it taught the world.

Anthropic says it accidentally leaked internal source code for AI chatbot

Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

On Tuesday, a software engineer discovered that Anthropic had, seemingly by accident, included access to the source code for ...