theAIcatchup

Leaked source map file from Anthropic's Claude Code npm package exposing full TypeScript codebase

Claude Code's NPM Blunder: 512K Lines Spill Anthropic's AI Agent Secrets

Anthropic shipped what they thought was a tidy dev tool. They handed the world their blueprint for next-gen AI agents instead. Oof.

4 min read 4 hours ago

Malicious Axios npm package details showing hidden plain-crypto-js dependency

AI Hardware

Axios Supply Chain Hack Poisons 100M Weekly Downloads with RAT Malware

Everyone figured npm packages were battle-tested safe havens for JavaScript devs. Wrong. This Axios breach — hitting a library with 100 million weekly pulls — just flipped the script on supply chain trust.

3 min read 2 days, 1 hour ago

#npm-security

Claude Code's NPM Blunder: 512K Lines Spill Anthropic's AI Agent Secrets

Axios Supply Chain Hack Poisons 100M Weekly Downloads with RAT Malware

Stay in the loop