The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...

EmDash is an open-source CMS built on Astro and Cloudflare. Featuring sandboxed plugins, AI-native tools, and 66% faster ...

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

OpenClaw's Node for VS Code extension proved it can support a real local file-based workflow, but on Windows the experience still feels more like early infrastructure than finished tooling.

A smaller weekly VS Code release adds chat workflow refinements, semantic search changes, TypeScript 6.0, and new admin controls.