Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Google launches Gemma 4 AI models for data centres and smartphones: What CEO Sundar Pichai and Demis Hassabis have to say

Google has unveiled Gemma 4, its most capable open-source AI model family, designed for broad accessibility from data centers ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Supply chain attack hits 100 million-download Axios npm package

�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest [email protected] now pulls ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...
The Week

'Always-on agent' and AI pet 'Buddy': Anthropic’s Claude source code leak reveals hidden features

Anthropic's accidental leak has exposed Claude AI's internal code, revealing several unreleased features like Buddy, KAIROS ...

Anthropic Claude Code Leak Reveals Secrets—Self-Healing Memory, Undercover Mode, KAIROS Features Unveiled

Discover the implications of the Claude code leak, revealing the inner mechanics of Anthropic's AI system, including ...

Claude Code leak explained: What Anthropic accidentally revealed

Anthropic accidentally leaked key details of its AI tool Claude Code.

'More Open Than OpenAI': Anthropic Accidentally Leaks Claude Code, Triggering a Race to Replicate It

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...
Decrypt

Anthropic Accidentally Leaked Claude Code's Source—The Internet Is Keeping It Forever

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...