Overview
- A misconfigured npm package that Anthropic shipped on Tuesday exposed a 59.8 MB source map, which let researchers reconstruct about 1,900 TypeScript files and more than 512,000 lines of code.
- The company confirmed a release packaging mistake caused the leak and said no customer data, credentials, or model weights were exposed.
- Reviews of the recovered code point to a layered "self-healing" memory system, a background agent mode called KAIROS with an idle "autoDream" process, an "Undercover Mode" for stealth open-source commits, and internal codenames like Capybara, Fennec, and Numbat.
- Security teams warned that users who updated through npm on March 31 could also have pulled a trojanized axios dependency; those users should check their lockfiles for which axios version was actually resolved, rotate any secrets present on the affected machines, and consider a clean reinstall if they find signs of compromise.
- Anthropic urged developers to use its standalone installer or to pin known-safe versions on npm. The incident follows a similar Claude Code exposure in February 2025 and last week's leak of a draft post about an upcoming model referred to as Mythos or Capybara.