SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
Cybernews

WordPress plugins taken offline after a developer found 30 injected with malicious code

Dozens of WordPress plugins have been compromised by an unknown actor who planted backdoors in popular add-ons after buying ...

Pantheon Brings Next.js to Its Platform, Running CMS and Modern Frontends Under One Roof

Pantheon.io, the WebOps platform for running the web as one system at scale, today announced the general availability of managed Next.js. This launch marks a fundamental shift in how organizations ...
Arabian Post

Copilot flaw exposed hidden data paths

GitHub Copilot Chat has been shown to carry a serious prompt-injection weakness that allowed a researcher to demonstrate how secrets, private source code and other sensitive repository data could be ...
The New York Times

The Big Bang: A.I. Has Created a Code Overload

Companies are scrambling to deal with the glut. Credit...Mojo Wang Supported by By Mike Isaac and Erin Griffith Reporting from San Francisco When a financial services company recently began using ...
Wired

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED investigation based on Department of Homeland Security records this week revealed the identities of paramilitary Border Patrol agents who frequently used force against civilians during ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP ...
Bleeping Computer

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. Claude Code is a terminal-based AI agent from ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI. On March 31, 2026, Anthropic mistakenly included a ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
Engadget

Claude Code leak suggests Anthropic is working on a 'Proactive' mode for its coding tool

What should have been a routine release has revealed some of the features Anthropic has been working on for Claude Code. As reported by Ars Technica, The Verge and others, after the company released ...
TweakTown

Anthropic confirms it leaked the source for Claude Code, blames human error

TL;DR: Anthropic accidentally exposed over 500,000 lines of source code for Claude Code, its AI assistant integration tool, due to a release error. No customer data ...