Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms - The Hacker News

The Claude Code source code was inadvertently leaked due to an npm packaging error, specifically exposing thousands of TypeScript files via a source map file in version 2.1.88. This leak directly enabled bad actors to bypass AI guardrails, conduct supply chain attacks via trojanized npm packages like Axios, and distribute malware such as Vidar Stealer through dependency confusion and fake GitHub repositories.