An accidental packaging error exposed the full Claude Code source—over 500,000 lines of TypeScript, internal anti‑distillation safeguards, hidden "Undercover" and "Buddy" modules, and a zero‑interaction backdoor—prompting a worldwide security analysis and fierce community reaction.
An accidental front‑end misconfiguration exposed 512,000 lines of Claude Code’s TypeScript source, unveiling Anthropic’s modular AI agent architecture, hidden “Buddy” pet system, the KAIROS autonomous mode, undercover stealth features, anti‑distillation defenses, and risky YOLO permissions, offering a rare, detailed glimpse into cutting‑edge generative‑AI engineering.
The March 31, 2026 accidental npm leak of Claude Code's source revealed over 1,900 TypeScript files and a three‑layer memory design, exposed unreleased features, disclosed a concurrent axios supply‑chain attack, and prompted concrete security and engineering lessons for AI developers.
The article chronicles the March 31 2026 Claude Code source‑code leak caused by an exposed .map file in Anthropic's npm package, details the community’s rapid forking, a Korean developer’s Python rewrite using oh‑my‑codex, and provides a full technical overview of the CLI’s architecture, size, and related resources.
A massive leak of Anthropic’s Claude Code exposed over 1,900 files and 510,000 lines of TypeScript, revealing its React‑Ink UI, Bun runtime, extensive toolset, hidden Kairos mode, electronic pet system, and covert Undercover features, sparking worldwide developer frenzy and security concerns.
Twitter filed a DMCA request to force GitHub to remove a repository exposing proprietary code, while also seeking a court order to identify the leaker, highlighting the security risks and legal complexities of source‑code leaks in the era of high‑profile tech acquisitions.
In July 2022 a former Yandex employee stole 44.7 GB of the company's source code, exposing internal architecture across dozens of services, prompting security experts to warn that while no user data was leaked, the breach could enable future targeted attacks.
Lapsus$ announced that it has stolen and published source code from Microsoft’s Azure DevOps servers, including Bing, Cortana and over 250 internal projects, prompting Microsoft to confirm the breach while downplaying its security impact.
Hackers from Lapsus$ claim to have stolen and released over 250 Microsoft projects, including Bing and Cortana source code, via a 9 GB torrent, prompting Microsoft to confirm the breach and assess its limited impact on product security.
Recent cyber‑attacks by the NB65 hacker group have compromised Kaspersky Endpoint Security, stealing over 40,000 files—including parts of the product’s source code—and publicly announced plans to release the code within hours, highlighting a significant breach in information security.
In 2020, when Windows 7 support ended, a massive leak of Windows XP and Server 2003 source code surfaced online, sparking concerns about potential vulnerabilities and offering a rare research resource for security professionals.
On August 6, a Swiss engineer uploaded roughly 20 GB of Intel’s internal firmware source code and confidential documents to a public file‑sharing site, prompting Intel to investigate the breach, deny a backdoor, and attribute the leak to a privileged user of its Resource and Design Center.
Recent misconfigurations in DevOps tools led to a massive leak of source code from dozens of major tech, finance, and manufacturing firms—including Microsoft, Adobe, Nintendo, and Lenovo—prompting security experts to warn of hard‑coded credentials, legal risks, and the urgent need for robust DevSecOps practices.
A former DJI software engineer uploaded proprietary agricultural drone code to a public GitHub repository, leading to a criminal conviction for commercial‑secret theft, a six‑month prison term, a fine, and a detailed look at the legal penalties and security implications of such leaks.
A Shenzhen court sentenced a former DJI employee to six months in prison and a 200,000‑RMB fine after he uploaded proprietary agricultural‑drone management code to a public GitHub repository, exposing an SSL private‑key vulnerability that threatened sensitive customer data and caused over one‑million‑RMB in losses.
