Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer ...

'This is unironically a malware nuclear missile.' ...

A compromise of the widely used Axios software package has triggered fresh concern over open-source security after attackers used a hijacked maintainer account to publish poisoned versions carrying ...

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...