




Transparency by Mistake: Anthropic Confirms Claude Code Source Code Leak Caused by an npm Error
TL;DR (summary)
Anthropic confirmed the accidental leak of the source code of its coding assistant Claude Code, caused by a packaging error in an npm update (version 2.1.88). The leak exposed more than 512,000 lines of code and revealed internal architecture such as "Undercover Mode" and anti-distillation tactics. Although no customer data was affected, the incident caused turmoil in supply chain security and led attackers to start "typosquatting" attacks.
The incident: human error, not a breach
On Tuesday, Anthropic confirmed that the internal source code of Claude Code had been made public by mistake. The company explained that the leak was not the result of a security attack but of "a release packaging issue caused by human error."
The leak happened when the Claude Code npm package version 2.1.88 was published containing a source map file. Security researchers, led by Chaofan Shou, found that this file could be used to recover the original TypeScript source code.
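As an added example (not from the original article and not Anthropic's code), the pre-publish check below flags source maps in a package's file set and lists the original files whose full text they embed in `sourcesContent`, which is what makes source recovery possible. The `files` input shape, the function names and the sample package are assumptions constructed for illustration.

```javascript
// Added example. `files` maps package-relative path -> file text (assumed shape).
// Return the original source paths whose full text is embedded in a v3 source map.
function embeddedSources(map) {
  if (!map || typeof map !== "object") return [];
  if (Array.isArray(map.sections)) // index map: recurse into each section
    return map.sections.flatMap((s) => embeddedSources(s.map));
  const contents = Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
  const sources = Array.isArray(map.sources) ? map.sources : [];
  return sources.filter((_, i) => typeof contents[i] === "string");
}

function parseJson(text) {
  try { return JSON.parse(text); } catch { return null; }
}

function auditSourceMaps(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith(".map")) {
      const sources = embeddedSources(parseJson(text));
      findings.push({ path, issue: sources.length ? "map-embeds-sources" : "map-shipped", sources });
      continue;
    }
    // A bundle can also carry its map inline as a base64 data: URI.
    const ref = /\/\/[#@] sourceMappingURL=data:application\/json[^,]*;base64,(\S+)/.exec(text);
    if (ref) {
      const json = Buffer.from(ref[1], "base64").toString("utf8");
      findings.push({ path, issue: "inline-map", sources: embeddedSources(parseJson(json)) });
    }
  }
  return findings;
}

// Constructed sample package contents, not taken from any real package.
const samplePackage = {
  "package.json": '{"name":"example-cli","version":"0.0.0"}',
  "dist/cli.js": 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n',
  "dist/cli.js.map": JSON.stringify({
    version: 3, file: "cli.js", mappings: "AAAA",
    sources: ["../src/cli.ts", "../src/util.ts"],
    sourcesContent: ['console.log("hi" as string);', null],
  }),
  "dist/lib.js": "export {};\n//# sourceMappingURL=data:application/json;base64," +
    Buffer.from(JSON.stringify({ version: 3, mappings: "",
      sources: ["../src/lib.ts"], sourcesContent: ["export {};"] })).toString("base64"),
};

for (const f of auditSourceMaps(samplePackage))
  console.log(`${f.issue}: ${f.path} -> ${f.sources.join(", ") || "(no embedded text)"}`);
```

In a release pipeline the same check would run over the files listed by `npm pack --dry-run` and fail the build on any finding before publishing.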
The leak in numbers:
- Files exposed: nearly 2,000 TypeScript files.
- Lines of code: more than 512,000.
- Public reach: a post on X (formerly Twitter) that exposed the leak drew more than 28.8 million views.
- Current status: version 2.1.88 was removed from npm, but the code remains in public repositories on GitHub with thousands of stars and forks.
Internal secrets revealed
The leak provided a rare blueprint of Anthropic's proprietary logic. Developers and competitors began dissecting the code and found internal features that had not been announced before:
- Self-Healing Memory: an architecture designed to overcome the limits of the context window.
- KAIROS: a feature that lets Claude act as an agent that is always running in the background and can fix errors and send notifications without human intervention.
- "Dream" Mode: a proactive state in which the AI thinks in the background to develop ideas.
- Undercover Mode: a controversial prompt that instructs the AI to make "stealth" contributions to open-source projects without revealing that it is an Anthropic tool.
- Anti-Poisoning Tactics: the code reveals controls that inject fake tool definitions into API requests to "poison" the training data if competitors try to scrape Claude in order to distill their own models.
Security concerns and supply chain risk
Although Anthropic says no confidential customer data was exposed, the leak created serious security problems:
- Guardrail exploitation: AI security experts say that with the full source code in hand, attackers can "fuzz" the system to find ways past the guardrails or to leave backdoors in the context management pipeline.
- Supply chain attack on Axios: there is serious concern for users who updated through npm on 31 March 2026 (between 00:21 and 03:29 UTC). These users may have inadvertently installed a "trojanized" version of an HTTP client that contains a remote access trojan (RAT).
- Dependency Confusion: attackers have started "typosquatting" (naming packages with similar names) internal npm packages used by Claude Code. A user named "pacifier136" published empty packages (such as audio-capture-napi, image-processor-napi) hoping to catch users who try to compile the leaked source code.
Anthropic's response
Anthropic said it is putting new measures in place to protect itself against this kind of packaging error in the future. This incident is the company's second information leak in a short time; just last week, details about a new AI model were found in the company's CMS.
Advice for users:
- Remove version 2.1.88 and go back to a verified "safe" version of Claude Code right away.
- Rotate all your secrets and credentials if you were working during the attack window on 31 March.
- Be very careful when dealing with unofficial repositories or packages that claim to be related to the Claude source code.
Source: The Hacker News - Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms