Key Findings

• Anthropic leaked approximately 512,000 lines of Claude Code source code through a misconfigured npm source map file on March 31, 2026

• The leak was discovered within hours by an intern at Solayer Labs and rapidly mirrored across the internet

• Claude Code generates $2.5 billion annually, representing a significant portion of Anthropic's $19 billion total revenue

• The exposed code reveals proprietary solutions including a three-layer memory system designed to prevent AI hallucinations during extended tasks

• Internal projects revealed include KAIROS, an error-correction system, and Undercover Mode, which allows AI operations without visible AI signatures

• Upcoming model codenames were exposed including Capybara (Claude 4.6), Fennec, and a terminal pet feature called Buddy

• A simultaneous attack on the npm registry introduced a Trojan virus affecting users who downloaded between specific time windows

Background

Anthropic experienced a catastrophic security incident on March 31, 2026, when a routine npm package update for version 2.1.88 accidentally included a 59.8 MB source map file. Source maps are developer tools that translate compiled code back into human-readable format, essentially providing a complete technical blueprint of how software functions. The mistake was spotted at 4:23 am ET by Chaofan Shou, an intern at Solayer Labs, who immediately posted the discovery on X. Within hours, the exposure had spread across developer communities and potentially reached competitors.

The Financial Impact

Claude Code represents one of Anthropic's most profitable ventures, generating $2.5 billion in annual revenue as of March 2026. This figure had doubled since the beginning of the year, indicating rapid growth and increasing market adoption. The tool now accounts for a substantial portion of Anthropic's estimated $19 billion total revenue, making this leak far more than a technical embarrassment. For investors and stakeholders, the exposure of proprietary technology underlying such a significant revenue driver represents a major strategic vulnerability.

Technical Secrets Exposed

The leaked code reveals why Claude Code commands premium pricing. Anthropic solved a critical problem in AI performance called context entropy, essentially the cognitive equivalent of brain fog where AI systems become confused during extended operations. Their solution uses a three-layer memory system that functions like a skeptical librarian, continuously cross-referencing information against actual files to prevent the AI from generating false information or hallucinations. This technical achievement appears to be a core competitive advantage that now lies exposed.

Hidden Projects and Future Products

Beyond the current Claude Code functionality, the leak exposed several internal development projects. KAIROS operates as an always-on background system that identifies and corrects logic errors even when users aren't actively interacting with the tool. More controversial is Undercover Mode, which allows the AI to work on public-facing projects without leaving traces of AI involvement. The code also contained references to upcoming models codenamed Capybara (identified as Claude 4.6), Fennec, and a quirky terminal companion called Buddy featuring statistical attributes like CHAOS and SNARK. These revelations suggest Anthropic's development roadmap is now visible to the entire industry.

Compounding Security Issues

The source code leak occurred simultaneously with a separate attack targeting the npm registry itself. Between 00:21 and 03:20 UTC on March 31, users who downloaded packages during this window may have received infected versions containing a Trojan virus. This two-pronged attack suggests either coordinated timing or opportunistic exploitation of the already-compromised environment. Anthropic has recommended that all users switch to downloading their Native Installer directly from the official website rather than through npm, effectively removing the compromised distribution channel from the update process.

Company Response and Damage Control

Anthropic's official response characterized the incident as a packaging issue stemming from human error rather than a sophisticated breach, emphasizing that no customer data was compromised. While this distinction may comfort users concerned about personal information exposure, it provides little comfort regarding the strategic implications of having core technology blueprints publicly available. The company's rapid response in acknowledging the incident and providing clear guidance on secure installation methods represents standard incident management, though the damage to intellectual property secrecy remains permanent.

Sources

• https://hackread.com/anthropic-leaks-claude-ai-code-blunder/

• https://medium.com/aiguys/anthropic-accidentally-leaked-512-000-lines-of-claude-code-3960ff7bc9f7

• https://www.instagram.com/p/DWjjpHtiQLd/

• https://cybernews.com/security/anthropic-claude-code-source-leak/