GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axi…

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Claude Code Source Code Exposed: Inside Anthropic’s Massive Slip-Up

This is the mothership of all code leaks! The code of #ClaudeCode has been leaked! The big deal is that #Anthropic is a ...
Decrypt

Anthropic Accidentally Leaked Claude Code's Source—The Internet Is Keeping It Forever

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

'More Open Than OpenAI': Anthropic Accidentally Leaks Claude Code, Triggering a Race to Replicate It

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

How AI has suddenly become much more useful to open-source developers

More open-source developers are finding that, when used properly, AI can actually help current and long-neglected programs.
InfoWorld

Visual Studio Code previews chat customizations editor

Just-released Version 1.113 of Microsoft’s Visual Studio Code editor emphasizes improvements ranging from chat customizations ...

Major compromise of the telnyx PyPI library could put millions of users at risk

JFrog reports Telnyx PyPI package was poisoned with malware by TeamPCP Malicious update delivered hidden .wav payload that ...

Google Student Researcher 2026 Applications Close on March 31, Direct Link To Apply Here

Google Student Researcher 2026: Selected students will be responsible for conducting research to develop solutions for real-world, large-scale problems.