Claude Code source code leak: Did Anthropic just expose its AI secrets, hidden models, and undercover coding strategy to the world?

Claude Code, Anthropics top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
InfoWorld

How Apache Kafka flexed to support queues

The latest release of Apache Kafka delivers the queue-like consumption semantics of point-to-point messaging. Here’s the how, ...
Cryptopolitan on MSN

Axios supply chain attack raises risk to crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

Government looks to prorogue Parliament if Liberals sweep April 13 by-elections

Move would give the party control of House of Commons committees, and allow it to push through legislation more easily ...
GitHub

axios@1.14.1 and axios@0.30.4 are compromised

Most likely, a maintainer's GitHub and npm accounts are compromised as these issues are getting deleted. I have also reported this as a vulnerability, so that a CVE can be generated.

SSM Health Dean sues orthopedic surgeons leaving to start competing practice

SSM Health Dean was a planning an orthopedics ambulatory surgery center, which the new group says it will now build, along ...

Is Avi Lewis’s NDP doomed? Don’t write the obituary just yet

More than a few voters could find themselves unsatisfied with the Liberals and open to a hard-left turn in future elections ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...