thehackernews.com 4/1/2026, 6:56:19 AM

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Primary Source: cnbc.com

Anthropic has confirmed that internal Claude Code source code was inadvertently released after the company published an npm package update, and that the cause was a packaging error, not a security breach. According to CNBC News, no sensitive customer data or credentials were involved, and Anthropic is rolling out measures to prevent a recurrence.

The affected release, version 2.1.88 of the Claude Code npm package, contained a source map file that could be used to access Claude Code’s source code, comprising nearly 2,000 TypeScript files and more than 512,000 lines of code. The version is no longer available on npm. Security researcher Chaofan Shou first flagged the leak on X, and the leaked codebase remains accessible via a public GitHub repository with more than 84,000 stars and 82,000 forks.
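A pre-publish check for the packaging error described above, as an added example that is not from the article or from Anthropic: it scans a package's file list for source map files, for maps that embed original sources in `sourcesContent`, and for `sourceMappingURL` comments. The function names and the sample file list are constructed for illustration.

```javascript
// Added example: flag source maps in a package file list before publishing.
// `files` is an array of { path, content }, e.g. built from what
// `npm pack --dry-run` lists. Function names here are hypothetical.
function auditPackageFiles(files) {
  const findings = [];
  for (const { path, content } of files) {
    if (path.endsWith('.map')) {
      let map = null;
      try { map = JSON.parse(content); } catch { /* unparsable: still flagged */ }
      const sources = map && Array.isArray(map.sources) ? map.sources.length : 0;
      // sourcesContent carries the original files verbatim (source map v3).
      const embedded = map && Array.isArray(map.sourcesContent)
        ? map.sourcesContent.filter((s) => typeof s === 'string' && s.length > 0).length
        : 0;
      findings.push({ path, kind: embedded > 0 ? 'map-with-embedded-sources' : 'map-file',
        sources, embedded });
      continue;
    }
    if (/\.[cm]?js$/.test(path)) {
      // Trailing comment pointing at a map: external file or inline data: URI.
      const m = /\/\/[#@]\s*sourceMappingURL=(\S+)/.exec(content);
      if (m) {
        const inline = m[1].startsWith('data:');
        findings.push({ path, kind: inline ? 'inline-map' : 'map-reference',
          target: inline ? 'data: URI' : m[1] });
      }
    }
  }
  return findings;
}

// A publish gate would fail the build when anything is reported.
function shouldBlockPublish(files) {
  return auditPackageFiles(files).length > 0;
}

// Constructed sample: a bundled CLI shipped together with its map.
const SAMPLE_FILES = [
  { path: 'package.json', content: '{"name":"example-cli","version":"0.0.0"}' },
  { path: 'cli.js', content: 'console.log(1);\n//# sourceMappingURL=cli.js.map\n' },
  { path: 'cli.js.map', content: JSON.stringify({ version: 3, mappings: '',
      sources: ['../src/main.ts', '../src/util.ts'],
      sourcesContent: ['export const a = 1;', 'export const b = 2;'] }) },
  { path: 'lib/clean.js', content: 'module.exports = 42;\n' },
];

for (const f of auditPackageFiles(SAMPLE_FILES)) console.log(JSON.stringify(f));
```

Run against the real packed file list in CI, a non-empty result is the signal to stop the publish step and review what the package would ship.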

The incident follows an Axios supply chain attack: users who installed Claude Code via npm on 31 March 2026 between 00:21 and 03:29 UTC may have pulled a trojanised HTTP client, prompting a downgrade to a safe version and rotation of secrets. Fraudulent typosquatted npm packages published by pacifier136 were also observed, including audio-capture-napi, colour-diff-napi, image-processor-napi, modifiers-napi, and url-handler-napi.

Article by CyberSIXT