1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Anthropic confirms it leaked 512,000 lines of Claude Code source

    From TechnologyDaily@1337:1/100 to All on Wednesday, April 01, 2026 12:15:25
    Anthropic confirms it leaked 512,000 lines of Claude Code source code spilling some of its biggest secrets

    Date:
    Wed, 01 Apr 2026 11:05:00 +0000

    Description:
    Claude Code's entire source code has been leaked and the internet is up in arms.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Anthropic employee accidentally leaked Claude Code source via npm map file Leak exposed 1,900 TypeScript files with 500K+ lines of code, quickly mirrored on GitHub Anthropic confirmed no customer
    data exposed, calling it a packaging error amid recent vulnerabilities like ShadowPrompt and Cloudy Day An Anthropic employee accidentally leaked the source code for one of the most popular Artificial Intelligence (AI) assistants out there - Claude Code .

    Security researcher Chaofan Shou posted on X , saying Claude Code source code has been leaked via a map file in their npm registry! The tweet itself was viewed more than 30 million times so far, with the numbers rising fast, showing just how popular the tool really is. While CNBC says the leak is partial, The Register said it contained the popular AI coding tool's entire source code. Article continues below You may like Security experts flag multiple issues in Claude Code, warning, 'As AI integration deepens, security controls must evolve to match the new trust boundaries' Three high-risk AI vulnerabilities discovered in Claude.ai end-to-end attack chain exfiltrates sensitive info without user knowing Anthropic gives Claude Code new 'auto mode' which lets it choose its own permissions Anthropic confirms leak The internet reacted as the internet usually reacts - fast and remorseless, swiftly backing up the leak into a GitHub repository which has, by now, been forked tens of thousands of times.

    In the GitHub upload it was said that the leak is a result of a reference to an unobfuscated TypeScript source code in the map file included in Claude Codes npm package. The reference pointed to a .ZIP file sitting in Anthropics Cloudflare R2 storage bucket which contained 1,900 TypeScript files with more than 500,000 lines of code, full libraries of slash commands, and built-in tools.

    Since then, Anthropic confirmed the news, saying this wasnt an act of a malicious insider, or third party, but rather a mishap:

    No sensitive customer data or credentials were involved or exposed, an Anthropic spokesperson said in a statement to CNBC . This was a release packaging issue caused by human error, not a security breach. Were rolling
    out measures to prevent this from happening again. Are you a pro? Subscribe
    to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    These have been an intense couple of weeks for Anthropic. The company raised quite a few eyebrows with the speed at which its been shipping out new
    updates and features, even prompting major discussions on Reddit , where
    users argued the companys been using, well, its own product.

    They're getting high on their own supply, one person said.

    While releasing new features quickly is commendable, cybersecurity seems to
    be the flipside of that coin. In the last 10 days alone, weve had multiple stories about Claude being vulnerable to prompt injection and similar
    attacks. On March 27 2026, security researchers Koi Security found a major flaw in Claude Codes Google Chrome extension that enabled zero-click attacks. What to read next Infostealers are being disguised as Claude Code, OpenClaw and other AI developer tools Anthropic goes to court over 'supply chain risk' label, as Claude usage rises Anthropic's official Git MCP server had some worrying security flaws - this is what happened next Speed at the expense of security? Claude's been making headlines for all the wrong reasons (Image credit: Anthropic) Dubbed ShadowPrompt , the vulnerability could have allowed malicious actors to exfiltrate sensitive data.

    A few days prior, on March 19, security researchers Oasis reported finding three vulnerabilities in Claude which, when used together, form a complete attack chain - from targeted victim delivery to sensitive data exfiltration. The researchers dubbed it Cloudy Day and responsibly disclosed it to
    Anthropic which quickly addressed it.

    Users dont seem to mind that much, though as, on the same day ShadowPrompt
    was discovered, Anthropic was forced to throttle its tools during peak hours to cope with rising demand.

    To manage growing demand for Claude we're adjusting our 5 hour session limits for free/Pro/Max subs during peak hours. Your weekly limits remain unchanged, said Thariq Shihipar, an engineer who works on Claude Code, in a post on X. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/anthropic-confirms-it-leaked-512-000-li nes-of-claude-code-source-code-spilling-some-of-its-biggest-secrets


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)