Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Project Zomboid identifies and bans over a dozen Steam Workshop mods containing 'heavily obfuscated code' that was 'creating malicious files'

Players should take "appropriate security measures to ensure their system is safe. Simply uninstalling the mods is not ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
TechCrunch

Anthropic launches code review tool to check flood of AI-generated code

When it comes to coding, peer feedback is crucial for catching bugs early, maintaining consistency across a codebase, and improving overall software quality. The rise of “vibe coding” — using AI tools ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just getting started. I am loath to inform you that the first month of 2026 has ...