Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
Bleeping Computer

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign linked to North Korean hackers ...
India Today on MSN

GitHub suffers breach in internal code, hackers claim they have source code for sale

GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...
Gizmodo

Anthropic Can’t Cover Up Its Claude Code Leak Fast Enough

Most companies are extremely protective of their planned product releases, using internal code names and requiring journalists to agree to embargoes before revealing details. Anthropic has ...
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code. An Anthropic employee accidentally exposed the entire ...
Bleeping Computer

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 ...
VentureBeat

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how ...

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived ...