Anthropic Claude Code source code leak from NPM release
Data Leak
Summary
Hide ▲
Show ▼
Anthropic mistakenly exposed proprietary Claude Code source code through a NPM release, allowing the codebase to be reconstructed and spread online. The leak involved version 2.1.88 and a 60 MB cli.js.map file. Anthropic said no customer data or credentials were exposed, but the code leak still revealed internal implementation details.
Related Happenings
Miasma source code leak on GitHub
Data Leak
H score32
First: 10.06.2026 23:27
Last: 10.06.2026 23:27
Sources 1
About this happening:
The **Miasma source code** was **briefly leaked on GitHub**, exposing malware framework code that could be copied, studied, and modified by other threat actors. The exposure repor...
Miasma source code leak on GitHub
Data LeakAbout this happening: The **Miasma source code** was **briefly leaked on GitHub**, exposing malware framework code that could be copied, studied, and modified by other threat actors. The exposure repor...
Anthropic Claude Code GitHub Action bypass fix (v1.0.94)
Security Patch Release
H score43
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
Anthropic shipped **claude-code-action v1.0.94** to close a **trigger-check bypass** in **Claude Code GitHub Action**, reducing takeover risk for **public repositories** that run...
Anthropic Claude Code GitHub Action bypass fix (v1.0.94)
Security Patch ReleaseAbout this happening: Anthropic shipped **claude-code-action v1.0.94** to close a **trigger-check bypass** in **Claude Code GitHub Action**, reducing takeover risk for **public repositories** that run...
Claude Code GitHub Action bot trigger bypass security flaw
Vulnerability
H score31
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
**Anthropic's Claude Code GitHub Action** had a **trigger-check bypass** that let a malicious **GitHub issue** escalate into **repository takeover** for vulnerable public reposito...
Claude Code GitHub Action bot trigger bypass security flaw
VulnerabilityAbout this happening: **Anthropic's Claude Code GitHub Action** had a **trigger-check bypass** that let a malicious **GitHub issue** escalate into **repository takeover** for vulnerable public reposito...
GitHub internal repositories private-code leak claim
Data Leak
H score46
First: 20.05.2026 08:08
Last: 20.05.2026 08:08
Sources 1
About this happening:
GitHub is facing a claimed leak of **internal repositories** after **TeamPCP** said it had access to about **4,000 private-code repos** and tried to sell samples. The alleged expo...
GitHub internal repositories private-code leak claim
Data LeakAbout this happening: GitHub is facing a claimed leak of **internal repositories** after **TeamPCP** said it had access to about **4,000 private-code repos** and tried to sell samples. The alleged expo...
Latest development: 21.05.2026 17:45
A malicious version of Nx Console 18.95.0 was uploaded to Visual Studio Marketplace and Open VSX on May 18, fetched an obfuscated payload, and harvested secrets from ~/.vault-token, /etc/vault/token, .npmrc, ghp_/gho_/ghs_ tokens, AWS metadata, and other local sources; GitHub said the poisoned VS Code extension led to unauthorized access to about 3800 internal repositories.
Grafana Labs source code leak and extortion demand
Data Leak
H score24
First: 19.05.2026 12:15
Last: 19.05.2026 12:15
Sources 1
About this happening:
The **Grafana Labs** codebase was **downloaded from its GitHub environment**, creating a risk that proprietary source code could be **released or misused**. The company said **no...
Grafana Labs source code leak and extortion demand
Data LeakAbout this happening: The **Grafana Labs** codebase was **downloaded from its GitHub environment**, creating a risk that proprietary source code could be **released or misused**. The company said **no...
Timeline
-
02.04.2026 23:30 1 articles · 3mo ago
Fake GitHub repositories exploit Claude Code leak with Vidar
Campaign Scope UpdateThreat actors are using fake GitHub repositories to exploit the Claude Code source code leak and lure users searching for leaked Claude Code into downloading a 7-Zip archive that launches ClaudeCode_x64.exe and drops Vidar and GhostSocks; Zscaler says the bogus repository is SEO-optimized for Google Search queries like “leaked Claude Code.”
Show sources
- Claude Code leak used to push infostealer malware on GitHub — www.bleepingcomputer.com — 02.04.2026 23:30
-
01.04.2026 03:32 1 articles · 3mo ago
Anthropic accidentally publishes Claude Code source code on NPM
Initial DisclosureAnthropic briefly published Claude Code version 2.1.88 on NPM earlier today with a 60 MB cli.js.map source map that exposed internal source code for the closed-source product, and Anthropic said no customer data or credentials were involved or exposed.
Show sources
- Claude Code source code accidentally leaked in NPM package — www.bleepingcomputer.com — 01.04.2026 03:32
-
01.04.2026 03:00 1 articles · 3mo ago
Anthropic issues DMCA takedowns after Claude Code code spreads online
Legal Policy Action UpdateThe leaked Claude Code source code spread on GitHub and other storage platforms, analysts identified undocumented features including Proactive mode and Dream mode, and Anthropic began issuing DMCA infringement notifications while rolling out measures to prevent another exposure.
Show sources
- Claude Code source code accidentally leaked in NPM package — www.bleepingcomputer.com — 01.04.2026 03:32