Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
coinspeaker

iPhone Crypto Exploit Kit: Google Warns of ‘Coruna’ Seed Phrases Theft

Google Threat Analysis Group (TAG) has identified ‘Coruna’, a sophisticated iPhone crypto exploit kit that has migrated from state-sponsored espionage to mass-market financial theft targeting wallets.