How an engineer ensured Claude Code source code leak stays on GitHub despite Anthropic's takedown notice

Anthropic's AI coding assistant's source code leaked, prompting swift copyright takedowns on GitHub. However, one engineer ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

LiteLLM loses game of Trivy pursuit, gets compromised

Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the ...
The Hacker News

TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

Anthropic Claude source code leak explained: Techie reveals how a 4 am update exposed 512,000 lines of code

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

A 4 a.m. scramble turned Anthropic's leak into a 'workflow revelation'

Meanwhile, techies are spreading their copies in private Discord servers, weeding through newly discovered features like spinner verbs, coding pets, and the "fucks" chart — so dubbed by Claude Code ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
NDTV Profit

Anthropic Source Code Leaked For Second Time In A Week: Here's What It Means

Anthropic accidentally leaked 500,000 lines of proprietary Claude Code. Developers have already rewritten the exposed ...
CSO Online

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

The compromised packages, linked to the Trivy breach, executed a three‑stage payload targeting AWS, GCP, Azure, Kubernetes ...