GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and ...
Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
不可視の属性を持つUnicode(ユニコード)文字をコードに埋め込んで、悪意あるプログラムを実行させる新手の攻撃手法「GlassWorm(グラスワーム)」が急拡大している。攻撃者は、GitHubで多数の開発者が参画する開発プロジェクトなどで善意を装い ...
The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...
The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
一部の結果でアクセス不可の可能性があるため、非表示になっています。
アクセス不可の結果を表示する