Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and blog posts in a publicly visible data cache, Anthropic has been hit with yet ...

I have eight years of experience covering Android, with a focus on apps, features, and platform updates. I love looking at ...

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...

How AI has suddenly become much more useful to open-source developers ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB JavaScript source map intended only for internal ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack.

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...