Bleeping Computer

Yandex denies hack, blames source code leak on former employee

A Yandex source code repository allegedly stolen by a former employee of the Russian technology company has been leaked as a Torrent on a popular hacking forum. Yesterday, the leaker posted a magnet ...
SiliconANGLE

New repository aims to illuminate open-source package vulnerabilities and malicious code

The Open Source Security Foundation today launched its Malicious Packages Repository, an open-source system for collecting and publishing cross-ecosystem reports of malicious packages. Claimed to be ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP ...
Security Systems News

Okta GitHub repositories hacked, source code stolen

YARMOUTH, Maine – It’s been a hard year for security at identity and access management company Okta, with its most recent data breach incident causing the company to lose its source code to threat ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic executives said it was an accident and retracted the bulk of the takedown notices.
SiliconANGLE

Okta’s code repositories reportedly breached in cyberattack

Okta Inc. has experienced a data breach in which hackers accessed some of its source code repositories, BleepingComputer reported today. Nasdaq-listed Okta provides an identity management platform ...
CPO Magazine

Taking Stock of the Anthropic Source Code Leak: AI Agent Compromise Signals Security Issues, “Claude Copies” Ahead of Massive IPO

While Anthropic has attempted to contain the leak damage with takedown requests, the AI agent's code unsurprisingly spread ...
Dark Reading

Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare

Some of Twitter's proprietary source code had been publicly available on Github for nearly three months, according to information gleaned from a DMCA Takedown request filed on March 24. GitHub is the ...
Ars Technica

More malicious packages posted to online repository. This time it’s PyPI

Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...

Claude Code unintentionally open source: Source map reveals all

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm registry.
Infosecurity-magazine.com

Open Source Repository Attacks Soar 700% in Three Years

The volume of malicious activity targeting upstream open source code repositories has hit triple-digit growth over the past three years, according to Sonatype. The security vendor claimed in newly ...
TechCrunch

How a mistakenly published password exposed Mercedes-Benz source code

Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm ...