Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm ...

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Anthropic accidentally leaked key details of its AI tool Claude Code.

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...