In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

On Tuesday, a software engineer discovered that Anthropic had, seemingly by accident, included access to the source code for ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
WinBuzzer

Claude Code Bug May Destroy Uncommitted Work Every 10 Minutes

Anthropic's Claude Code CLI has been found silently running git reset --hard every 10 minutes, destroying uncommitted changes ...

Claude Code leak explained: What Anthropic accidentally revealed

Anthropic appears to have accidentally revealed how one of its most important AI products works. A large internal file linked ...
Make Tech Easier

I Replaced Claude Code With Codex, And I Should Have Done It Sooner

Swapping Claude Code for Codex turned out to be an easy win, with faster results, lower token usage, and a smoother workflow.
Infosecurity Magazine

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by ...
WinBuzzer

90% of Claude Code Output Lands in Low-Star GitHub Repos

Anthropic's Claude Code has surpassed 20 million GitHub commits, but 90% of output has landed in repos with fewer than two ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...