typescript.news

#npm

No articles are currently tagged with 'npm'.
2 articles tagged with npm
Axios npm Supply Chain Attack: Malicious Versions Drop Remote Access Trojan

Axios npm Supply Chain Attack: Malicious Versions Drop Remote Access Trojan

Two poisoned releases of axios β€” one of the most widely-used Node.js HTTP client libraries β€” were published and pulled from npm within hours. Here's what happened, how the attack worked, and what you need to do right now.
Claude Code Source Map Leak Exposes Hidden Agent OS, Chrome Automation, and Privacy Gaps

Claude Code Source Map Leak Exposes Hidden Agent OS, Chrome Automation, and Privacy Gaps

On March 30–31 2026, developers discovered that the npm package @anthropic-ai/claude-code@v2.1.88 included a production source map file that exposed the full TypeScript source code β€” revealing undocumented multi-agent orchestration, a hidden Chrome MCP server, an internal query engine, a tool permission system, and a three-tier telemetry system.
View all tags