Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...

Anthropic accidentally exposed roughly 512,000 lines of proprietary TypeScript source code for its AI-powered coding agent ...

Hackers are exploiting Anthropic's accidental Claude Code source leak to distribute Vidar and GhostSocks malware through fake ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

In order to spread Vidar information-stealing malware, threat actors are taking advantage of the recent Claude Code source ...

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Recho Notebook, an ITP thesis project by Bairui Su (ITP '25), is a new open-source coding environment designed for algorithms and ASCII art.

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.