GitHub Security Alert: AI Tool Leaks and Supply Chain RATs

Creator: GitHub

Quick Read

  • Anthropic accidentally exposed over 500,000 lines of Claude Code source code via an improperly packaged source map file.
  • North Korean threat actors compromised the Axios library through social engineering, deploying RATs to developer environments.
  • Security experts warn that these incidents demonstrate a dangerous trend of weaponizing developer workflows and trust-based supply chains.

A critical week for software security has seen the integrity of major GitHub repositories challenged by both accidental leaks and sophisticated, state-linked supply chain attacks. As of April 2, 2026, the developer ecosystem is grappling with the fallout from the exposure of 510,000 lines of Claude Code source code and a separate, high-impact compromise of the widely used Axios JavaScript library.

The Claude Code Source Code Exposure

The security landscape shifted on March 31 when security researcher Chaofan Shou discovered that Anthropic had inadvertently included a 59.8MB source map file in the release package for Claude Code version 2.1.88 on npm. This human error exposed nearly 2,000 unobfuscated TypeScript files, revealing core technical architecture, internal permission models, and unreleased features like the terminal pet ‘Buddy’ and long-term planning mode ‘UltraPlan’. While Anthropic attempted an immediate takedown of related forks on GitHub, the rapid proliferation of the code rendered the effort largely futile, causing collateral disruption to legitimate repositories.

Supply Chain Attacks and RAT Deployment

Simultaneously, the open-source community faced a targeted supply chain attack against the Axios HTTP library. North Korean threat actors, identified as UNC1069, utilized an elaborate social engineering campaign to compromise the library’s maintainer, Jason Saayman. By posing as a company founder and conducting a fake Microsoft Teams meeting, the attackers induced the installation of a Remote Access Trojan (RAT) on the maintainer’s machine. This allowed them to publish malicious versions of Axios—versions 1.14.1 and 0.30.4—which were active for roughly three hours and contained post-install scripts to deploy platform-specific malware and establish command-and-control (C2) channels.
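The malicious Axios releases named above ran their payload through install-time scripts, and npm records that fact in its lockfile. The following Node.js script is an added defender-side example, not code from the article, from GitHub or from the Axios project: it scans a `package-lock.json` (lockfileVersion 2 or 3) for the two compromised Axios versions and additionally flags every dependency whose entry carries npm's `hasInstallScript` marker, so a review can see which packages will execute code at install time. The lockfile content and the script name `scan-lock.js` are constructed for illustration.

```javascript
// Added example, not from the article: scan an npm package-lock.json for the
// compromised axios releases and for dependencies that declare install scripts.
"use strict";

// Versions the article names as malicious; extend this map from your own advisory feed.
const COMPROMISED_VERSIONS = {
  axios: new Set(["1.14.1", "0.30.4"]),
};

// Constructed sample lockfile for illustration (not a real project's lockfile).
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": {
      version: "1.14.1",
      resolved: "https://registry.npmjs.org/axios/-/axios-1.14.1.tgz",
      hasInstallScript: true, // npm sets this for packages with (pre|post)install hooks
    },
    "node_modules/follow-redirects": { version: "1.15.6" },
    "node_modules/legacy-tool": { version: "2.0.0" },
    "node_modules/legacy-tool/node_modules/axios": { version: "0.28.1" },
  },
};

// Derive the package name from a lockfile path, e.g.
// "node_modules/a/node_modules/@scope/b" -> "@scope/b". Returns null for the root entry "".
function packageNameFromPath(pkgPath) {
  const marker = "node_modules/";
  const idx = pkgPath.lastIndexOf(marker);
  return idx === -1 ? null : pkgPath.slice(idx + marker.length);
}

// One finding per problem: a pinned version on the compromised list, or a dependency
// that will run an install script (the vector used by the malicious releases).
function scanLockfile(lock) {
  const findings = [];
  for (const [pkgPath, entry] of Object.entries(lock.packages || {})) {
    const name = packageNameFromPath(pkgPath);
    if (!name) continue; // skip the root project entry
    const bad = COMPROMISED_VERSIONS[name];
    if (bad && bad.has(entry.version)) {
      findings.push({ path: pkgPath, name, version: entry.version, reason: "known-compromised-version" });
    }
    if (entry.hasInstallScript === true) {
      findings.push({ path: pkgPath, name, version: entry.version, reason: "declares-install-script" });
    }
  }
  return findings;
}

// Usage: node scan-lock.js path/to/package-lock.json
// Without an argument the constructed sample is scanned and the exit code is left at 0.
if (typeof require !== "undefined" && require.main === module) {
  const lockPath = process.argv[2];
  const lock = lockPath
    ? JSON.parse(require("node:fs").readFileSync(lockPath, "utf8"))
    : SAMPLE_LOCK;
  const findings = scanLockfile(lock);
  for (const f of findings) console.log(`${f.reason}: ${f.name}@${f.version} (${f.path})`);
  if (lockPath && findings.some((f) => f.reason === "known-compromised-version")) process.exitCode = 1;
}
```

Run it against a real lockfile in CI; a non-zero exit on a known-compromised version blocks the build, while the install-script findings are informational and worth reviewing whenever a new one appears in the diff of a lockfile update.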

The Stakes for Corporate Security

These events underscore a growing vulnerability in modern software development pipelines. The exposure of Claude Code’s internal logic has enabled security analysts to map specific attack paths, including context poisoning and sandbox bypasses, which are now theoretically executable by malicious entities. Furthermore, the Axios incident highlights that even with multi-factor authentication in place, social engineering remains a potent tool for bypassing security controls. Organizations are now urged to rotate all credentials that were active during the compromise windows and to transition to immutable, OIDC-based release workflows to mitigate the risk of long-lived credential theft.

The confluence of these incidents suggests a shift in threat actor strategy, moving away from brute-force exploits toward the weaponization of legitimate developer tools and social engineering, forcing an industry-wide reassessment of trust in automated supply chain processes.
