{"data":{"id":"fb3d15ac-1593-4b96-99bf-710d132b77c4","title":"Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms","summary":"Anthropic confirmed that Claude Code's source code was accidentally leaked through an npm package (a JavaScript library repository) containing a source map file, exposing nearly 2,000 TypeScript files and over 512,000 lines of code. The leaked code revealed internal features like a self-healing memory architecture and a stealth mode for making hidden contributions to open-source projects, creating security risks because attackers can now study how the system works to bypass its safeguards. Additionally, users who downloaded the affected version between specific times on March 31, 2026 may have received a trojanized HTTP client (compromised software) containing malware.","solution":"Anthropic stated it is 'rolling out measures to prevent this from happening again.' Users who installed or updated Claude Code via npm on March 31, 2026 between 00:21 and 03:29 UTC are advised to immediately downgrade to a safe version and rotate all secrets (regenerate passwords and access keys).","labels":["security","privacy"],"sourceUrl":"https://thehackernews.com/2026/04/claude-code-tleaked-via-npm-packaging.html","publishedAt":"2026-04-01T06:12:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain","model_theft","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Anthropic","Claude Code","npm"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-01T06:12:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}