Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

On X, Shou linked to a zip file with the leaked code. He is the CTO of Fuzzland and a dropout of the UC Berkeley Ph.D.

Sigrid Jin woke up to chaos and shipped "Claw Code" by breakfast. Here's everything it taught the world in 24 hours.

This is the mothership of all code leaks! The code of #ClaudeCode has been leaked! The big deal is that #Anthropic is a ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

Anthropic is attempting to contain a leak of its AI tool Claude Code after internal source code was accidentally released and ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...

Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...