GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

Why the axios supply chain attack should have Apple worried

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...
CSO Online

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...
InfoWorld

Visual Studio Code previews chat customizations editor

Just-released Version 1.113 of Microsoft’s Visual Studio Code editor emphasizes improvements ranging from chat customizations ...
InfoWorld

VS Code now updates weekly

Agents, browser debugging, and deprecation of Edit Mode are all highlighted in the latest versions of the popular code editor ...
How-To Geek on MSN

Android's sideloading changes, the big Visual Studio Code update, better Linux phones, and more: News roundup

Everything you may have missed from the past week.

Google developers find that with AI, judgment is more important than JavaScript

Companies like Google are using AI to take over the bulk of coding. This gives developers more decision-making and oversight ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
Forbes

Cursor Goes To War For AI Coding Dominance

On January 5, employees at Cursor returned from the holiday weekend to an all-hands meeting with a slide deck titled “War Time.” During the break, employees playing with Anthropic’s latest model, Opus ...
Bleeping Computer

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

Update: Added Wikimedia Foundation's statement below and made a correction to denote it was only the Meta-Wiki that was vandalized. The Wikimedia Foundation suffered a security incident today after a ...