Infosec.Pub

April, April!

Ein breites Bündnis der Klimabewegung kündigt Proteste und Aktionen gegen die Energiepolitik der Bundesregierung an. „Fossile Energien bedrohen unsere Sicherheit“, schreiben Campact, Deutsche Umwelthilfe, Fridays for Future, Germanwatch, GermanZero, Greenpeace und WWF in einem gemeinsamen Aufruf, der der taz exklusiv vorliegt. „Wir sind entsetzt, dass Wirtschaftsministerin Katherina Reiche und Teile der Union den Ausbau der Erneuerbaren Energien ausbremsen wollen.“

Für den 18. April rufen die Verbände und Ak­ti­vis­t*in­nen zu Demonstrationen in Berlin, Hamburg, Köln und München auf.

Am 24. April will Fridays for Future bundesweit protestieren, erstmals auch direkt vor Wahlkreis- und Parteibüros vor allem der Regierungsparteien CDU und SPD.

Sekiro man, what a ride...Celebratory wine is blowing this way out of proportion though XD. buut, my past self didn't think I had it in me so... Yay.

Fucking great game, the difficulty needs some serious demystifying... It was not nearly as tough as I expected. That said, this felt sorta like a trial run...

Here's to the completed playthrough, and many more to come, cheers!

An additional note:

I bursted out laughing during final boss phase two, I seriously thought the

was a community joke! XD

cross-posted from: https://lemmings.world/post/43593027

Archive link

Anthropic, the flagship AI company, has inadvertently exposed the source code for its major CLI tool Claude Code. It has already been extracted with mirrors published on GitHub.

Chaofan Shou announced the discovery on X.

“Claude Code source code has been leaked via a map file in their npm registry!” the user posted.

The post immediately stirred the AI community, attracting nearly 10 million views and 1.5 thousand comments.

Claude Code is a massively popular agentic AI coding assistant that runs in terminal. It can edit files and manage entire projects locally. Anthropic’s tool is closed-sourced and distributed as an obfuscated npm package.

However, Anthropic's published npm package containing Claude Code v2.1.88 allegedly exposed the source map file cli.js.map, which contained the full and unobfuscated TypeScript source code.

It appears that Anthropic scrambled to remove the npm package. However, it was too late. Multiple GitHub users already exposed copies of the project.

One of the GitHub repositories has already amassed nearly 30,000 stars and 40,200 forks.

Another one has 425 stars and 520 forks, with many developers dissecting the inner workings of the tool.

The author claims that the leaked Anthropic’s .map file’s size was 57MB, mapping 1,900 files and 512,000 lines of code.

The leaked code includes the core engine for LLM API calls, handling streaming responses, tool-call loops, thinking mode, retry logic, token counting, permission models, tools, etc. Some Hacker News users noted the extensive regex filter containing many swear words for detecting negative sentiment in users' prompts. This leak doesn’t expose the AI models themselves or user data.

Exposed internal logic makes it very easy to reverse-engineer the tool, identify security risks, or steal intellectual property. Users already noted that Claude Code is using axios as its dependency, a tool that was just hacked.

Many GitHub users now advertise their own build of Claude Code. However, they’re risking legal action.

“Just because the source is now 'available' *DOES NOT MEAN IT IS OPEN SOURCE*. You are violating a license if you copy or redistribute the source code, or use their prompts in your next project! Don’t do that,” posted full-stack developer Justin Schroeder on X.

The .map files are typically used by developers fixing programs in software. These plain text files act like a mini map of the original code, helping developers trace where the errors or problems occur. However, .map files usually don’t include the full source code.

Anthropic hasn’t yet released an official statement. Cybernews reached out to the company and will include its response.

Proton has announced a new video conferencing service named Meet and positioned it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams.

(5 minutes later he lost it under the couch)

A death rate of up to 90%, attributed to warming seas, is threatening the trade in Hiroshima prefecture, which produces most of the country’s farmed oysters