npm supply chain — 3 Technical Articles

Apr 1, 2026 · Artificial Intelligence

Inside the Claude Code Source Leak: 1,900 Files, 510k Lines, and the Three‑Layer Memory Architecture

The March 31, 2026 accidental npm leak of Claude Code's source revealed over 1,900 TypeScript files and a three‑layer memory design, exposed unreleased features, disclosed a concurrent axios supply‑chain attack, and prompted concrete security and engineering lessons for AI developers.

AI agent architectureClaude Codenpm supply chain

0 likes · 8 min read

Inside the Claude Code Source Leak: 1,900 Files, 510k Lines, and the Three‑Layer Memory Architecture

Code Mala Tang

Mar 31, 2026 · Information Security

How Malicious Axios Versions Hijacked NPM: A Deep Supply‑Chain Attack Analysis

StepSecurity uncovered a sophisticated supply‑chain attack on the popular Axios HTTP client where compromised maintainer credentials were used to publish malicious versions that injected a hidden postinstall RAT, evaded detection, and executed platform‑specific payloads before self‑destructing, prompting detailed forensic and remediation guidance.

AxiosHarden-RunnerRAT

0 likes · 31 min read

How Malicious Axios Versions Hijacked NPM: A Deep Supply‑Chain Attack Analysis

Black & White Path

Mar 3, 2026 · Information Security

How North Korean APT Used Steganography and Dead‑Drop Resolvers in 26 Malicious npm Packages

In March 2026, researchers uncovered a supply‑chain attack where a North Korean Lazarus‑linked group published 26 typosquatted npm packages that hide C2 commands via Pastebin steganography and deploy a modular RAT through Vercel, prompting detailed mitigation guidance for developers.

APTNode.js securityRAT

0 likes · 11 min read

How North Korean APT Used Steganography and Dead‑Drop Resolvers in 26 Malicious npm Packages