Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Anthropic goes nude, exposes Claude Code source by accident

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...
SecurityWeek

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

When researchers found an obfuscated token while examining the relationship between OpenAI Codex and GitHub, they took notice ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

Claude Code Security and Magecart: Getting the Threat Model Right

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Dark Reading

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...
Cybernews

Anthropic inadvertently leaks source code for Claude Code CLI tool

Anthropic, the flagship AI company, has inadvertently exposed the source code for its major CLI tool Claude Code. It has ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...
Bitdefender

War in the Middle East Triggers Surge in Phishing and Malware Campaigns Targeting Gulf Countries

Bitdefender finds a sharp rise in phishing and malware emails targeting Gulf countries after February 28 escalation.