Anthropic Claude Code usage-limits bug causing faster exhaustion
Service Disruption
Summary
Hide ▲
Show ▼
Anthropic is investigating a Claude Code bug that makes usage limits exhaust much faster than expected, leaving affected users blocked from normal use. The issue was still unresolved as of March 31, 14:00 PM ET, and Anthropic said it was the top priority for the team. The company said it will share more once it has an update.
Related Happenings
Anthropic Claude Code GitHub Action bypass fix (v1.0.94)
Security Patch Release
H score43
First: 04.06.2026 18:15
Last: 04.06.2026 18:15
Sources 1
About this happening:
Anthropic shipped **claude-code-action v1.0.94** to close a **trigger-check bypass** in **Claude Code GitHub Action**, reducing takeover risk for **public repositories** that run...
Anthropic Claude Code GitHub Action bypass fix (v1.0.94)
Security Patch ReleaseAbout this happening: Anthropic shipped **claude-code-action v1.0.94** to close a **trigger-check bypass** in **Claude Code GitHub Action**, reducing takeover risk for **public repositories** that run...
MCP STDIO arbitrary command execution security flaw
Vulnerability
H score53
First: 16.04.2026 12:40
Last: 16.04.2026 12:40
Sources 1
About this happening:
A **critical MCP flaw** in the **STDIO interface** can trigger **arbitrary command execution**, putting **connected AI systems** at risk of **data exposure** and **system takeover...
MCP STDIO arbitrary command execution security flaw
VulnerabilityAbout this happening: A **critical MCP flaw** in the **STDIO interface** can trigger **arbitrary command execution**, putting **connected AI systems** at risk of **data exposure** and **system takeover...
Claude Code deny-rule bypass fix (version 2.1.90)
Security Patch Release
H score17
First: 08.04.2026 12:16
Last: 08.04.2026 12:16
Sources 1
About this happening:
**Anthropic** released **Claude Code version 2.1.90** last week to fix a command-parsing flaw that could let **user-configured deny rules** silently stop applying when a command e...
Claude Code deny-rule bypass fix (version 2.1.90)
Security Patch ReleaseAbout this happening: **Anthropic** released **Claude Code version 2.1.90** last week to fix a command-parsing flaw that could let **user-configured deny rules** silently stop applying when a command e...
Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery
Security Tool/Service
H score58
First: 08.04.2026 12:16
Last: 08.04.2026 12:16
Sources 1
About this happening:
**Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...
Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery
Security Tool/ServiceAbout this happening: **Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...
Latest development: 03.06.2026 14:00
President Donald Trump signed a June 2 executive order that sets up a voluntary framework for developers of covered frontier models to give the US government access for cybersecurity review for up to 30 days before release, while expressly rejecting any mandatory licensing or preclearance requirement. The order directs NSA, CISA, and NIST to build a classified benchmark for determining which models cross the covered threshold and creates an AI cybersecurity clearinghouse led by the Treasury Department. The framework closely echoes Anthropic's Project Glasswing, which gives vetted partners early access to Claude Mythos Preview to scan critical software for vulnerabilities.
Claude Code leak GitHub Vidar lure campaign
Campaign
H score32
First: 02.04.2026 23:30
Last: 02.04.2026 23:30
Sources 1
About this happening:
A **malicious GitHub repository campaign** is abusing the **Claude Code leak** to deliver **Vidar** to users searching for leaked code. The lure uses a **fake leak**, **search-eng...
Claude Code leak GitHub Vidar lure campaign
CampaignAbout this happening: A **malicious GitHub repository campaign** is abusing the **Claude Code leak** to deliver **Vidar** to users searching for leaked code. The lure uses a **fake leak**, **search-eng...
Timeline
-
31.03.2026 21:00 2 articles · 3mo ago
Anthropic investigates Claude Code limits exhausting too fast
Initial DisclosureAnthropic says Claude Code users are hitting usage limits much faster than expected, and the company confirmed it is actively investigating the bug. As of March 31, 14:00 PM ET, the issue remained unresolved and was the top priority for the team.
Show sources
- Claude Code source code accidentally leaked in NPM package — www.bleepingcomputer.com — 01.04.2026 03:32
- Claude Code source code accidentally leaked in NPM package — www.bleepingcomputer.com — 01.04.2026 03:32