Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Oracle unveils Project Detroit for faster Java interop with JavaScript and Python

JavaOne Oracle has shipped Java 26, a short-term release, and introduced Project Detroit, which promises faster interop ...

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...

Anthropic’s Claude Code Source Leaked

Anthropic has leaked the full source code for Claude Code via an npm update, revealing unreleased features like autonomous ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...