Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Would you like a closer look at Claude? Someone at Anthropic has some explaining to do, as the official npm package for ...

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

The fastest repo in history to surpass 50K stars ⭐, reaching the milestone in just 2 hours after publication. Better Harness ...

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...