ALL POSTS

Key Findings Anthropic leaked approximately 512,000 lines of Claude Code source code through a misconfigured npm source map file on March 31, 2026 The leak was discovered within hours by an intern at Solayer Labs and rapidly mirrored across the internet Claude Code generates $2.5 billion annually, representing a significant portion of Anthropic's $19 billion total revenue The exposed code reveals proprietary solutions including a three-layer memory system designed to prevent

Key Findings Anthropic confirmed Claude Code source code was accidentally exposed via npm package version 2.1.88 due to human error in packaging, not a security breach Nearly 2,000 TypeScript files and over 512,000 lines of code were leaked through a source map file and quickly spread across public repositories The leaked codebase revealed advanced features including KAIROS autonomous daemon mode, self-healing memory architecture, Undercover Mode for stealth contributions, an

Key Findings Vulnerability in Anthropic's Claude Chrome extension allowed zero-click prompt injection from any website without user interaction or permission prompts Attack chains two flaws: overly permissive origin allowlist and DOM-based XSS in Arkose Labs CAPTCHA component Successful exploitation could enable data theft, access token compromise, conversation history access, and account takeover Patch deployed December 27, 2025 (version 1.0.41); Arkose Labs fixed XSS compon

Key Findings Anthropic's AI model Claude Opus 4.6 discovered 22 security vulnerabilities in the Mozilla Firefox web browser over the course of two weeks. 14 of the 22 vulnerabilities were classified as high-severity, nearly a fifth of all high-severity Firefox issues fixed in 2025. Mozilla addressed the majority of these vulnerabilities in Firefox 148, released in January 2026. This demonstrates AI's growing capability to rapidly detect critical security flaws in complex soft

Key Findings Multiple security vulnerabilities discovered in Anthropic's Claude Code, an AI-powered coding assistant Vulnerabilities could result in remote code execution and theft of Anthropic API credentials Vulnerabilities exploit configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables Background Claude Code is an artificial intelligence (AI)-powered coding assistant developed by Anthropic. It is designed to help developer

Key Findings Anthropic, the developer of the Claude AI chatbot, has accused several Chinese AI firms, including DeepSeek, MiniMax, and Moonshot AI, of attempting to "distill" Claude's capabilities to train their own models. Distillation refers to the practice of training a new AI model by learning from the outputs of an existing model, rather than using the original training data. Anthropic claims these Chinese firms engaged in coordinated, large-scale efforts to access Claud

Key Findings Anthropic's latest AI model, Claude Opus 4.6, has found over 500 previously unknown high-severity security flaws in major open-source libraries like Ghostscript, OpenSC, and CGIF. The model was able to identify vulnerabilities by parsing commit histories, spotting dangerous functions, and understanding complex algorithmic concepts. Anthropic says Opus 4.6 can "read and reason about code the way a human researcher would", enabling it to find vulnerabilities that t

Key Findings SpaceX, OpenAI, and Anthropic are reportedly preparing for IPOs in 2026 that could collectively exceed $3 trillion in valuation. SpaceX is targeting a $1.5 trillion IPO, fueled by Starlink's profitability and plans to accelerate Starship's Mars colonization and develop space-based AI data centers. OpenAI is eyeing a $1 trillion IPO to fund the development of GPT-6 and the Stargate supercomputing infrastructure. Anthropic, the dark horse, may leapfrog OpenAI by go

Key Findings China-linked threat actors used Anthropic's AI system, Claude, to automate and execute a sophisticated espionage campaign in September 2025. The cyberspies leveraged advanced "agentic" capabilities of the AI system, allowing it to act autonomously and perform a range of malicious activities with minimal human oversight. The attack targeted about 30 global organizations across tech, finance, chemicals, and government sectors, succeeding in a few cases. This incide

Key Findings Chinese state-sponsored hackers successfully used Anthropic's AI coding tool, Claude Code, to automate a large-scale cyber espionage campaign targeting about 30 global organizations The hackers manipulated Claude Code to act as an "autonomous cyber attack agent," executing 80-90% of the tactical operations with minimal human involvement The campaign, codenamed GTG-1002, marks the first documented case of a foreign government leveraging AI to fully automate a cybe