Claude Code's source code has been leaked via a map file in their NPM registry
Claude source code leak via NPM, major supply chain security incident for AI tools.
The article details a security incident where the source code for Claude Code, likely an AI coding tool from Anthropic, was accidentally exposed via a source map file in its NPM package. This suggests a misconfiguration in the package registry, leading to the leak of proprietary code.
Audit and restrict source map and debug file publication in your NPM and other package registries to prevent unintended code exposure.
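One way to run the audit recommended above before publishing, as an added example (not code from the article or from Anthropic): it flags published `.map` files, maps that embed original sources in `sourcesContent`, and `sourceMappingURL` references in shipped bundles. `auditPackageFiles` and `samplePackage` are hypothetical names, and the file names and contents are constructed.

```javascript
// Added example: flag source-map exposure in the files a package would publish.
// auditPackageFiles and samplePackage are hypothetical names; the sample data is constructed.
const MAP_REF = /\/[\/*][#@]\s*sourceMappingURL=(\S+)/g;

function auditPackageFiles(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    if (path.endsWith(".map")) {
      let map = null;
      try { map = JSON.parse(content); } catch (_) { /* unparsable: still report the file */ }
      const sources = map && Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
      const embedded = sources.filter((s) => typeof s === "string" && s.length > 0).length;
      findings.push(embedded > 0
        ? { path, issue: "map-with-embedded-sources", detail: `${embedded} original file(s) in sourcesContent` }
        : { path, issue: "map-file-published", detail: "exposes original file names and layout" });
      continue;
    }
    if (!/\.([cm]?js|css)$/.test(path)) continue; // only JS/CSS bundles carry the comment
    for (const m of content.matchAll(MAP_REF)) {
      const target = m[1];
      findings.push(target.startsWith("data:")
        ? { path, issue: "inline-source-map", detail: "map embedded in the bundle as a data: URI" }
        : { path, issue: "map-reference", detail: target });
    }
  }
  return findings;
}

// Constructed package contents (path -> file text).
const samplePackage = {
  "package.json": '{"name":"example-cli","version":"1.0.0"}',
  "dist/cli.js": 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n',
  "dist/cli.js.map": JSON.stringify({
    version: 3,
    sources: ["../src/cli.ts"],
    sourcesContent: ["export const internal = 1;"],
    mappings: "AAAA",
  }),
  "dist/util.js": "module.exports = {};\n",
};

console.log(auditPackageFiles(samplePackage));
```

In practice, populate the input from the files in the tarball that `npm pack` produces, and fail the release job when the returned list is not empty.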
For a senior engineer focused on AI/ML tooling and cloud infrastructure, this underscores critical vulnerabilities in software supply chains and the importance of securing package deployments in environments like NPM and PaaS.