Pesky humans.

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due to a serious internal error. The leak gives competitors and armchair enthusiasts a detailed blueprint for how Claude Code works—a significant setback for a company that has seen explosive user growth and industry impact over the past several months.

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP risk.

A simple human mistake has revealed all 500,000+ lines of code that make up Claude Code. How big a deal is that, really?

Updated Claude Code will ignore its deny rules, used to block risky actions, if burdened with a sufficiently long chain of subcommands. This vuln leaves the bot open to prompt injection attacks. Adversa, a security firm based in Tel Aviv, Israel, spotted the issue following the leak of Claude Code's source.