A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

GitHub Hack Scare: Attackers Claim They Stole Internal Source Code, Thousands of Private Repositories Now Up for Sale

A major cyber scare has hit GitHub, with hackers from TeamPCP claiming they accessed nearly 4,000 private repositories, ...
SecurityWeek

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

The TeamPCP hacking group has released the Shai-Hulud worm’s source code and is challenging miscreants to use it in attacks.

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom

The open source project said hackers stole its codebase and threatened to publish its source code if the company did not pay.
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...

Source Code Is Not The Product: Why Commercial Open Source Works

Done right, openness creates a stronger business structure and a larger surface area for value creation than closed software.
Gizmodo

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

Anthropic just cannot keep a lid on its business. After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and blog posts in a publicly ...