Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers are exploiting Anthropic's accidental Claude Code source leak to distribute Vidar and GhostSocks malware through fake ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

The malware, known as Phantom Stealer, collects browser credentials, cookies, saved passwords, autofill data and payment card ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

In order to spread Vidar information-stealing malware, threat actors are taking advantage of the recent Claude Code source ...

Cybercriminals are increasingly prioritizing speed and scalability over technical sophistication. Rather than crafting highly ...

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...