Gate News message, March 31, Anthropic accidentally leaked 510,000 lines of source code for Claude Code in a routine npm update, including critical debugging files, exposing the complete architecture of this flagship AI coding tool. It is reported that the tool generates about $2.5 billion in recurring annual revenue for the company.
Security researcher Chaofan Shou found a source-code mapping file in the Claude Code 2.1.88 version and posted a download link on X (Twitter). The code spread quickly across GitHub within hours, accumulating tens of thousands of forks, and Anthropic subsequently issued a DMCA takedown notice. This leak happened five days after another CMS misconfiguration leaked about 3,000 internal files, including details of the unreleased “Mythos” model; within a week, two unexpected incidents have raised concerns in the market about Anthropic’s $350 billion valuation and its planned IPO in Q4 2026.
The leaked files reveal an internal feature called “Undercover Mode,” designed to prevent Claude from leaking confidential information, while also exposing 44 feature flags, the unreleased back-end daemon process KAIROS, and the internal codename “Capybara” for a Claude 4.6 variant. Anthropic said this was an inadvertent packaging error. Enterprise customers make up 80% of Claude Code revenue and now face risks of exposure to security-logic and permission-bypass techniques.
Korean-Canadian developer Sigrid Jin was reported to have cashed in on 25 billion Claude Code tokens; after the leak, he reworked the Python code and received 50,000 GitHub stars within two hours. This indicates that despite the risks posed by the leak, open-source the community’s interest in Claude Code remains extremely high.
The incident highlights the importance for AI enterprises to strengthen code security and internal permission management before an IPO, and it also serves as a reminder for investors and institutions to watch how potential technical risks affect market valuations. As Anthropic faces increased scrutiny, its prospects ahead of going public may experience significant volatility.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Hacker tricks AI agents with Morse code! The attacker lures Grok and BankrBot into making transfers, stealing $170k worth of cryptocurrency
An AI agent vulnerability was exposed on the X platform: attackers used a Bankr Club NFT to obtain transfer privileges for a Grok wallet, then used Morse code instructions to prompt BankrBot to transfer out roughly 300 million DRB without human approval, worth about $175k. The issue stems from BankrBot’s architecture not treating AI output as authorization. The funds have been recovered, and defenses will be strengthened, including API key controls and IP whitelisting.
ChainNewsAbmedia57m ago
Aave Files Emergency Motion to Lift $73M ETH Freeze in Kelp DAO Exploit
Aave LLC filed an emergency motion in federal court on May 1 seeking to lift a court-ordered freeze of approximately $73 million in ether recovered from the Kelp DAO exploit, according to the filing. The order restricts Arbitrum DAO from moving the recovered funds while plaintiffs from years-old ter
CryptoFrontier2h ago
Zondacrypto CEO Disappears With 4,500 Bitcoin Private Keys on May 5; Current CEO Flees to Israel
According to BlockBeats, on May 5, the former CEO of Polish cryptocurrency exchange Zondacrypto disappeared in 2022 with private keys to a cold wallet holding 4,500 BTC (currently worth over $340 million). The current CEO admitted the wallet is now inaccessible and has reportedly fled to Israel.
GateNews3h ago
Payward Alleges $25M Crypto Custody Fraud Against Etana
Payward, the parent company of crypto exchange Kraken, has filed a lawsuit alleging $25 million in crypto custody fraud against Etana and the firm's CEO, according to the complaint. The allegations center on claims that client funds were misused, commingled, and concealed as part of a "Ponzi-like" s
CryptoFrontier4h ago
Bisq Protocol Attacked, Approximately 11 BTC Stolen Due to Missing Validation Mechanisms
According to official statement reported by ChainCatcher, Bisq protocol was attacked recently, resulting in approximately 11 BTC stolen due to missing validation mechanisms. Attackers exploited a negative miner fee vulnerability to transfer funds via multi-signature transactions.
Bisq is
GateNews4h ago
Aave emergency motion counters: $73 million in frozen ETH: “The thief does not own what he stole”
Aave filed an emergency motion with the U.S. District Court for the Southern District of New York, seeking to lift the freeze on 30,766 ETH (about $73 million). Core arguments: the stolen assets remain the property of the original users, and the thief cannot obtain ownership; when the Arbitrum Safe Committee returns funds, the stolen assets would immediately revert to the victims; the evidence related to North Korea’s Lazarus Group is hearsay, and the hearing is expected to be held at the end of May. This case will affect DeFi governance and future risks around asset ownership.
ChainNewsAbmedia5h ago
