Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...
The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.
Bleeping Computer

Python Package Installation Can Trigger Malicious Code

Although there is nothing special about code executing on a machine, the moment when this code is executed is a significant detail from a security standpoint. The Python programming language allows ...
Yahoo

Don't Fall for This Sneaky QR Code Scam if You Get a Surprise Package

Add Yahoo as a preferred source to see more of our stories on Google. A new version of package scams aims to steal your information. A new package scam started this summer, and it's likely to gain ...
Dark Reading

10 Malicious Code Packages Slither into PyPI Registry

Administrators of the Python Package Index (PyPI) have removed 10 malicious software code packages from the registry after a security vendor informed them about the issue. The incident is the latest ...
Threat Post

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
GeekWire

GitHub adds Package Registry, which allows GitHub users to publish software packages alongside source code

GitHub is expanding the scope of its code repository to include support for publishing software packages, the company annoucned Friday afternoon. After teasing an announcement all week on Twitter, ...