Anthropic's Claude Code Source Code Leaked via npm Package
Severity: High (Score: 65.2)
Sources: Bleepingcomputer, News.Ycombinator, Theregister, Venturebeat, Cybersecuritynews
Summary
On March 31, 2026, Anthropic accidentally exposed the full TypeScript source code of its Claude Code CLI tool through a misconfigured npm package. A 59.8 MB JavaScript source map file was included in version 2.1.88 of the @anthropic-ai/claude-code package; the map pointed to unobfuscated code stored on Anthropic's cloud infrastructure. Security researcher Chaofan Shou discovered the leak, which led to widespread mirroring and analysis of the source code on platforms such as GitHub. The leak is significant because it gives competitors insight into Claude Code's architecture, including its memory management and anti-distillation mechanisms. Anthropic confirmed that the leak was due to human error and stated that no sensitive customer data was exposed. The incident raises concerns about intellectual property security and the potential competitive advantage for rival firms. The source code comprises over 512,000 lines of code and various built-in tools, which could facilitate reverse engineering efforts.
Key Points:
• Anthropic's Claude Code source code was leaked via a misconfigured npm package.
• The leak exposes over 512,000 lines of TypeScript code and critical architectural details.
• Anthropic attributes the leak to human error and has confirmed no customer data was compromised.
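A pre-publish check for the failure mode described above, added here as an example and not code from Anthropic or from the page's sources: it walks a staged package directory, flags any shipped .map files and any sourceMappingURL comments in the JavaScript, and reports whether a map merely lists original source paths or embeds their full text (sourcesContent). The package layout and file contents below are constructed for the demo.

```python
import json
import re
import tempfile
from pathlib import Path

# The comment bundlers append to JS output, e.g. "//# sourceMappingURL=cli.js.map".
SOURCE_MAP_COMMENT = re.compile(r"^\s*(?://|/\*)\s*#\s*sourceMappingURL=(\S+)", re.MULTILINE)

def inspect_map(path):
    """Describe what a .map file reveals: listed original sources and any embedded content."""
    try:
        data = json.loads(path.read_text(encoding="utf-8"))
    except (ValueError, OSError):
        return "unparseable source map"
    sources = data.get("sources", [])
    embedded = sum(1 for s in (data.get("sourcesContent") or []) if s)
    note = f"lists {len(sources)} original source path(s)"
    if embedded:
        note += f", embeds full text of {embedded} of them (sourcesContent)"
    return note

def find_source_map_exposure(package_dir):
    """Walk a staged package and report shipped .map files and sourceMappingURL references."""
    root = Path(package_dir)
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if path.suffix == ".map":
            findings.append((rel, "source map shipped: " + inspect_map(path)))
        elif path.suffix in (".js", ".mjs", ".cjs"):
            for m in SOURCE_MAP_COMMENT.finditer(path.read_text(encoding="utf-8", errors="replace")):
                findings.append((rel, f"sourceMappingURL references {m.group(1)}"))
    return findings

def build_sample_package(base):
    """Constructed sample, not the real package: one bundle with a map, one clean file."""
    dist = Path(base) / "dist"
    dist.mkdir(parents=True, exist_ok=True)
    (dist / "cli.js").write_text("console.log('hi');\n//# sourceMappingURL=cli.js.map\n")
    (dist / "cli.js.map").write_text(json.dumps({
        "version": 3, "sources": ["../src/cli.ts", "../src/tools/bash.ts"],
        "sourcesContent": ["export const main = () => {}", "export const bash = () => {}"],
        "mappings": "AAAA"}))
    (dist / "vendor.js").write_text("module.exports = {};\n")  # no map, should not be flagged
    return str(base)

def run_on_sample():
    """Build the constructed package in a temp dir and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_source_map_exposure(build_sample_package(tmp))

if __name__ == "__main__":
    for rel, finding in run_on_sample():
        print(f"{rel}: {finding}")
```

Run it against the directory `npm pack` would tar up (or against the unpacked tarball itself); a non-empty result means the release would ship a map, which is the point at which a files/.npmignore rule or the bundler's source-map setting needs fixing.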
Key Entities
- Data Breach (attack_type)
- Malware (attack_type)
- Supply Chain Attack (attack_type)
- Trojan (attack_type)
- Anthropic (company)
- OpenCode (tool)
- Bash (tool)
- Bun (tool)
- JavaScript (tool)
- Npm (tool)
- T1059.004 - Unix Shell (mitre_attack)
- T1195 - Supply Chain Compromise (mitre_attack)
- T1557 - Adversary-in-the-Middle (mitre_attack)
- Node (platform)
- Axios (platform)