Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...
CSOonline

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...
New Scientist

Backlash builds over NHS plan to hide source code from AI hacking risk

A decision by NHS England to withdraw open-source code created with UK taxpayer funds because of the risk posed by computer-hacking AI models is attracting growing backlash. Last month, Mythos, an AI ...
Infosecurity-magazine.com

Trellix Reveals Unauthorized Access to Source Code

A leading US cybersecurity vendor has been breached by threat actors who managed to access its source code, it has been revealed. Privately held firm Trellix disclosed the incident on May 4, claiming ...
HHS

Trellix Discloses Source Code Hack

Privately-held, extended detection and response firm Trellix disclosed over the weekend that hackers found their way to its source-code repository. See Also: Know Thy Enemy: Threats to Cyber ...
Ars Technica

Microsoft open-sources “the earliest DOS source code discovered to date”

Several times in the last couple of decades, Microsoft has released source code for the original MS-DOS operating system that kicked off its decades-long dominance of consumer PCs. This week, the ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. As of writing, ...
The New York Times

Anthropic’s Leaked Code Tests Copyright Challenges in A.I. Era

Artificial intelligence tools are making it faster than ever to reproduce creative work. Does copyright even matter anymore? By Meaghan Tobin Reporting from Taipei, Taiwan Sigrid Jin was waiting to ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Sophisticated cyberattacks targeting a variety of open source projects, including the Trivy security-scanner project, the widely used Axios Javascript package, and now Anthropic's accidental ...
Columbus Dispatch

Claude Code Leak 2026: Why Teams Are Turning to AICC for Stable Multi-Model AI API Integration

SHENZHEN, GUANGDONG, CHINA, April 3, 2026 /EINPresswire.com/ — On March 31, 2026, Anthropic released version 2.1.88 of its popular AI coding assistant Claude Code ...