SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
InfoWorld

GitHub Copilot CLI adds Rubber Duck review agent

Rubber Duck uses a second model from a different AI family to evaluate the primary agent’s plans, question assumptions, and ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

Pima supervisors vote to oppose Trump's mail-in voting order

The Pima County board opposes a Trump executive order aimed at creating a federal list of U.S. citizens who are eligible to ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Claude Code source leak reveals how much info Anthropic can hoover up about you and your system

For those who recall the debate surrounding Microsoft Recall not long ago, Claude Code's capture of activity is similar.
Visual Studio Magazine

Hands On with OpenClaw Node for VS Code: Real Workflow, Real Friction

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.