Claude Code Source Leak: How One Packaging Mistake Created a Hacker Feeding Frenzy

This article was originally published on ThreatChain — decentralized threat intelligence. What Supply Chain Attack is, how it works, and how to defend against it. Imagine accidentally dropping your house keys in a crowded mall – and within hours, those keys have been duplicated and distributed to every pickpocket in the city. That's essentially what happened on March 31st when Anthropic accidentally exposed the complete source code for Claude Code, their enterprise AI agent platform, in what security researchers are calling one of the most consequential accidental leaks in AI history. Here's the kicker: hackers didn't just study the leaked code – they weaponized it within 48 hours, creating a sophisticated malware campaign that's already tricking thousands of developers and organizations worldwide. The Accident That Shook the AI World It started with something embarrassingly mundane: a packaging error. On March 31st, 2026, Anthropic's development team was pushing routine updates to Cla