The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

Is your Node.js project really secure?

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...
CNET

Google Upgrades Maps Features With More Gemini and Faster Photo Uploads

Blake has over a decade of experience writing for the web, with a focus on mobile phones, where he covered the smartphone boom of the 2010s and the broader tech scene. When he's not in front of a ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
TechSpot

Anthropic accidentally exposed Claude Code source, raising security concerns

What we know so far: Anthropic is facing renewed scrutiny from the AI and security communities after internal source code for Claude Code – its fast-growing agentic development environment – was ...
CNET

Anthropic Accidentally Exposes Source Code for Claude Code

Steven Musil is a senior news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around ...
winbuzzer.com

Anthropic Leaks Claude Code Source via Npm Source Map

A packaging error revealed Anthropic’s entire Claude Code codebase, spanning nearly 1,900 TypeScript files and over 512,000 lines of code, after a source map file ...
Bleeping Computer

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. While Anthropic pledges support to the ...
Ars Technica

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...
VentureBeat

Claude Code's source code appears to have leaked: here's what we know

VentureBeat made with Google Gemini 3.1 Pro Image Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude ...