1. Claude Code Source Code Leak
On March 31, 2026, the entire source code of Claude Code was inadvertently exposed via a source map file bundled into the npm package.
How it happened: A .map file — intended for internal debugging — was included in @anthropic-ai/claude-code version 2.1.88 on the public npm registry. "Source maps are meant for debugging — they map minified/bundled code back to the original source. Including one in a production npm publish effectively ships your entire codebase in readable form." [1] Anthropic uses Bun's bundler, which generates source maps by default unless explicitly disabled.
Scale: The leak exposed approximately 1,900 TypeScript files and 512,000+ lines of code [1], including ~40 built-in tools and ~50 slash commands. The GitHub mirror "has already surpassed 1,100+ stars and 1,900+ forks" [1].
What was inside:
A Query Engine spanning 46,000 lines handling LLM orchestration [1]
A multi-agent spawning ("swarms") system for parallel task handling [1]
An IDE bridge with JWT auth connecting to VS Code and JetBrains [1]
Anthropic has since pulled the affected version from npm.
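The failure above is a packaging check that never ran: a `files` allowlist naming a whole directory ships every `.map` the bundler drops into it. The following is an added example, not Anthropic's, Bun's or npm's code, of the pre-publish audit that would have caught it. It walks a file tree (constructed inline here; in practice built from `npm pack --dry-run` output or the staged package directory) and reports shipped source-map files, with the `sourcesContent` field flagged as the critical case because that field carries the original source text verbatim, plus any `sourceMappingURL` comment that points a reader at a map.

```javascript
// Added example (not Anthropic's, Bun's or npm's code): audit the files that
// would go into an npm tarball for source-map leakage before publishing.

// Constructed sample: a bundled CLI whose package.json allowlists "dist",
// which silently includes the .map file the bundler wrote next to the bundle.
const SAMPLE_PACKAGE_FILES = {
  "package.json": JSON.stringify({ name: "example-cli", version: "1.0.0", files: ["dist"] }),
  "dist/cli.js": "#!/usr/bin/env node\nconsole.log('hello');\n//# sourceMappingURL=cli.js.map\n",
  "dist/cli.js.map": JSON.stringify({
    version: 3,
    sources: ["../src/cli.ts", "../src/tools/bash.ts"],
    sourcesContent: ["export const main = () => {};", "export const bash = () => {};"],
    mappings: "AAAA",
  }),
  "README.md": "# example-cli\n",
};

// Constructed sample: the same package with the map stripped and the
// reference comment removed from the bundle.
const SAMPLE_CLEAN_FILES = {
  "package.json": SAMPLE_PACKAGE_FILES["package.json"],
  "dist/cli.js": "#!/usr/bin/env node\nconsole.log('hello');\n",
  "README.md": "# example-cli\n",
};

// Matches the trailing "//# sourceMappingURL=..." or "/*# sourceMappingURL=..."
// comment that bundlers append to a generated file.
const SOURCE_MAP_COMMENT = /^\/[/*][#@]\s*sourceMappingURL=(\S+)/m;

// Classify every file: shipped .map files are the actual leak; a bundle that
// merely references a map still tells a reader where to look.
function auditSourceMaps(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    if (path.endsWith(".map")) {
      let sourceCount = 0;
      let embedsSource = false;
      try {
        const map = JSON.parse(content);
        sourceCount = Array.isArray(map.sources) ? map.sources.length : 0;
        // sourcesContent is the dangerous field: it embeds the original source
        // text, so the map alone reconstructs the codebase.
        embedsSource = Array.isArray(map.sourcesContent) && map.sourcesContent.length > 0;
      } catch (_) {
        // Not valid JSON: still a .map file in the tarball, so report it anyway.
      }
      findings.push({
        path,
        kind: "source-map-file",
        severity: embedsSource ? "critical" : "medium",
        sourceCount,
        embedsSource,
      });
      continue;
    }
    const ref = SOURCE_MAP_COMMENT.exec(content);
    if (ref) {
      const target = ref[1];
      const inline = target.startsWith("data:"); // inline map: the bundle itself carries the source
      findings.push({
        path,
        kind: inline ? "inline-source-map" : "source-map-reference",
        severity: inline ? "critical" : "low",
        target,
      });
    }
  }
  return findings;
}

// Gate for a pre-publish step: true only when nothing in the tree ships a map.
function isSafeToPublish(files) {
  return auditSourceMaps(files).length === 0;
}

console.log(JSON.stringify(auditSourceMaps(SAMPLE_PACKAGE_FILES), null, 2));
console.log("clean package safe to publish:", isSafeToPublish(SAMPLE_CLEAN_FILES));
```

On the constructed sample the audit reports two findings (the reference in `dist/cli.js` and the critical `.map` file with embedded sources) and fails the publish gate; the cleaned tree passes. The cheapest standing fix on the packaging side is an `.npmignore` entry of `*.map`, which npm applies on top of the `files` allowlist, and a `prepublishOnly` script that runs a check like this over `npm pack --dry-run` output so the gate cannot be forgotten.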
2. Axios npm Supply Chain Attack
On the same day — March 31, 2026 — the axios npm package was compromised in a coordinated supply chain attack.
What happened: An attacker compromised the npm account of jasonsaayman, the primary axios maintainer, and "changed its registered email address to a Proton Mail address" [2]. They then manually published two backdoored releases: axios@1.14.1 (tagged latest) and axios@0.30.4 (tagged legacy).
The payload: The malicious versions injected a fake dependency plain-crypto-js@4.2.1 containing a postinstall script that deployed a cross-platform Remote Access Trojan (RAT) targeting Windows, macOS, and Linux — enabling arbitrary command execution and credential theft [2]. Payloads were "staged 18 hours in advance" with "three separate payloads pre-built for three operating systems" [2], indicating high operational sophistication. Running npm audit will not reveal the compromise.
Impact: With ~83–100M weekly downloads, axios is one of the most-used JavaScript packages. The attack bypassed GitHub Actions CI/CD pipelines entirely because the attacker published directly via a stolen npm token, leaving no verifiable build trail [2].
Remediation:
Downgrade to axios@1.14.0 or 0.30.3
Rotate all credentials immediately
Block egress to sfrclak.com / 142.11.206.73
Rebuild environments from clean snapshots — do not attempt to clean compromised systems [2]
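`npm audit` matches installed versions against published advisories, so a release backdoored hours ago has nothing to match; the checks a defender can run immediately are the ones the remediation list implies: pin or scan the lockfile against the known-bad versions, surface every package that declares an install script, and grep egress logs for the listed C2 indicators. The block below is an added example, not axios', npm's or The Hacker News' code. It scans a `package-lock.json` in the lockfileVersion 2/3 `packages` shape (npm records `hasInstallScript: true` there for any package with preinstall/install/postinstall scripts) and a proxy log; the lockfile and log lines are constructed, while the version numbers, domain and IP are the ones reported above.

```javascript
// Added example (not axios', npm's or The Hacker News' code): scan a lockfile
// and an egress log for the indicators from the axios advisory.

// Indicators from the write-up: the two backdoored axios releases and the
// injected dependency that carried the postinstall RAT loader.
const KNOWN_BAD_VERSIONS = new Map([
  ["axios", new Set(["1.14.1", "0.30.4"])],
  ["plain-crypto-js", new Set(["4.2.1"])],
]);
const KNOWN_BAD_EGRESS = new Set(["sfrclak.com", "142.11.206.73"]);

// Constructed lockfile: "^1.14.0" resolved to the backdoored 1.14.1, which
// pulled in plain-crypto-js. esbuild is included as a benign package that
// legitimately has an install script, to show that check needs triage.
const SAMPLE_LOCKFILE = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": { version: "1.14.1", dependencies: { "plain-crypto-js": "4.2.1" } },
    "node_modules/axios/node_modules/plain-crypto-js": { version: "4.2.1", hasInstallScript: true },
    "node_modules/follow-redirects": { version: "1.15.6" },
    "node_modules/esbuild": { version: "0.21.5", hasInstallScript: true },
  },
};

// Constructed egress log lines: timestamp, host, method, destination.
const SAMPLE_EGRESS_LOG = [
  "2026-03-31T14:02:11Z ci-runner-03 CONNECT registry.npmjs.org:443",
  "2026-03-31T14:02:19Z ci-runner-03 CONNECT sfrclak.com:443",
  "2026-03-31T14:02:20Z dev-laptop-17 GET http://142.11.206.73/update",
  "2026-03-31T14:03:02Z ci-runner-03 CONNECT github.com:443",
];

// "node_modules/a/node_modules/@scope/b" -> "@scope/b" (handles nesting).
function packageNameFromLockPath(lockPath) {
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? lockPath : lockPath.slice(i + marker.length);
}

// One finding per matched indicator; install scripts are reported separately
// because they are the mechanism the payload used, not proof of compromise.
function scanLockfile(lock) {
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages || {})) {
    if (lockPath === "") continue; // the root project itself
    const name = packageNameFromLockPath(lockPath);
    const bad = KNOWN_BAD_VERSIONS.get(name);
    if (bad && bad.has(entry.version)) {
      findings.push({ name, version: entry.version, reason: "known-compromised-version", action: "rebuild-and-rotate" });
    }
    if (entry.hasInstallScript) {
      findings.push({ name, version: entry.version, reason: "install-script", action: "review" });
    }
  }
  return findings;
}

// True only when no resolved version is on the known-bad list.
function lockfileIsClean(lock) {
  return !scanLockfile(lock).some((f) => f.reason === "known-compromised-version");
}

// Substring match on the listed C2 indicators; one hit per line at most.
function scanEgressLog(lines) {
  const hits = [];
  for (const line of lines) {
    for (const ioc of KNOWN_BAD_EGRESS) {
      if (line.includes(ioc)) {
        hits.push({ ioc, line });
        break;
      }
    }
  }
  return hits;
}

console.log(JSON.stringify({
  lockfile: scanLockfile(SAMPLE_LOCKFILE),
  egress: scanEgressLog(SAMPLE_EGRESS_LOG),
}, null, 2));
```

On the constructed data the lockfile scan yields two known-compromised hits (axios 1.14.1 and plain-crypto-js 4.2.1) plus two install-script entries, only one of which is malicious, and the log scan returns the two lines that reached the listed domain and IP. A host that shows an egress hit falls under the "rebuild from clean snapshots" item rather than the "downgrade" item. To hold the downgrade in place across transitive dependencies, an `"overrides": { "axios": "1.14.0" }` entry in `package.json` pins the resolved version, and running installs with `npm ci --ignore-scripts` removes the postinstall channel this payload relied on.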
3. Google Quantum Breakthrough
Google published a new paper from its Quantum AI team sharply revising downward the hardware required to break elliptic-curve cryptography — the foundation of Bitcoin, Ethereum, and most TLS/HTTPS.
The new estimate: Google's paper states quantum computers could crack secp256k1 private keys with "fewer than 500,000 physical qubits in a few minutes" [3] — a roughly 20x reduction from prior estimates. The logical qubit requirement is 1,200–1,450 qubits with 70–90 million Toffoli gates [3].
Crypto risk: The analysis puts "about $200 billion in stablecoins and tokenized real-world assets on Ethereum" at risk [3], and approximately 6.7M BTC (~$444B) in vulnerable addresses [3] — over $600B in combined exposure. Bitcoin's block time creates a 9-minute attack window with "a theft success probability of slightly less than 41%" [3].
Timeline: Ethereum Foundation researcher Justin Drake stated his confidence in "Q-day by 2032 had risen sharply" with "at least a 10% chance that a quantum computer could recover a secp256k1 private key from an exposed public key by then" [3].
This builds on Google's earlier Willow chip and Quantum Echoes algorithm work, the latter described as "a big step toward real-world applications for quantum computing" [4].
Sources:
[2] https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html
[4] https://blog.google/technology/research/quantum-echoes-willow-verifiable-quantum-advantage/