Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software development, by hijacking a maintainer’s npm account and publishing tainted ...

The attacked uses the memo field of Solana transactions to run stealth malware that steals crypto wallet data, and even ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

Cloud attacks are getting faster and deadlier - here's your best defense plan ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...