
Anthropic’s Claude Code Leak Spurs Malware Scams and a DMCA Backtrack

The exposed agent framework, not model weights, created fresh privacy concerns alongside immediate security risks.

Overview

  • Anthropic’s coding tool leaked on Tuesday after a flawed npm release included a large source‑map file, exposing roughly 500,000 lines of TypeScript that detail the agent’s orchestration and permissions while the company said no model weights or customer data were disclosed.
  • Threat hunters say fake “leaked” downloads on GitHub now deliver malware, with Zscaler reporting Vidar credential stealer and GhostSocks proxy hidden in archives that claim to be unlocked Claude Code builds.
  • Security firm Adversa AI detailed a critical bug in the tool’s permission checks, showing that a 50‑subcommand parsing cap can be hit by prompt‑generated command chains so deny rules never run and sensitive keys or tokens could be exfiltrated.
  • Anthropic’s takedown push on GitHub targeted about 8,000 repositories but also swept up legitimate forks of its public client, and the company asked GitHub to restore those unintended removals after acknowledging a communication mistake.
  • Files from the leak show a regex list that flags user frustration and profanity and an “Undercover Mode” that strips Anthropic references from public commits, raising transparency and governance questions about how the tool monitors users and presents its output.
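
The permission-check bullet above describes a parsing cap that lets deny rules go unevaluated. The following toy checker is an added example, not code from the leak or from Adversa AI's report, and contrasts a fail-open cap with a fail-closed one. Only the 50-subcommand figure comes from the summary; the deny patterns, the splitting rule and the returned decisions are assumptions.

```typescript
// Toy permission checker (illustration only, not Claude Code's implementation).
// MAX_SUBCOMMANDS mirrors the 50-subcommand cap in the summary above; the
// deny patterns, splitting rule and decisions are assumptions for this example.
const MAX_SUBCOMMANDS = 50;
const DENY_PATTERNS: RegExp[] = [/^curl\b/, /^printenv\b/];

type Decision = "allow" | "deny" | "ask";

// Naive split on shell separators; real shell parsing is more involved.
function splitSubcommands(command: string): string[] {
  return command
    .split(/&&|\|\||;|\|/)
    .map((part) => part.trim())
    .filter((part) => part.length > 0);
}

function matchesDenyRule(sub: string): boolean {
  return DENY_PATTERNS.some((pattern) => pattern.test(sub));
}

// Fail-open: past the cap, analysis is skipped, so deny rules never run.
function checkFailOpen(command: string): Decision {
  const subs = splitSubcommands(command);
  if (subs.length > MAX_SUBCOMMANDS) {
    return "allow";
  }
  return subs.some(matchesDenyRule) ? "deny" : "allow";
}

// Fail-closed: deny rules run over every subcommand first, and a chain
// longer than the cap is escalated to the user instead of being waved through.
function checkFailClosed(command: string): Decision {
  const subs = splitSubcommands(command);
  if (subs.some(matchesDenyRule)) {
    return "deny";
  }
  return subs.length > MAX_SUBCOMMANDS ? "ask" : "allow";
}

// Constructed input: `count` harmless subcommands, optionally followed by `last`.
function buildChain(count: number, last?: string): string {
  const parts: string[] = [];
  for (let i = 0; i < count; i++) {
    parts.push("true");
  }
  if (last !== undefined) {
    parts.push(last);
  }
  return parts.join(" && ");
}
```

The design point is ordering: a resource limit in a policy engine should change the outcome to a stricter one, never bypass the rules that come after it.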