Tag: source code leak

  • Claude Code Leak Discovered: First Vulnerability Found by Researchers

    Key Takeaway

    1. A source code leak of Anthropic’s Claude Code revealed a critical security flaw allowing attackers to bypass permission rules through long command chains, risking data exfiltration.
    2. The vulnerability exploits the system’s limit of analyzing only 50 subcommands in complex chains, enabling malicious prompt injections once the limit is exceeded.
    3. Despite a fix in the leaked version 2.1.88, the publicly available code continued using an outdated parser, leaving the security flaw unaddressed in released versions until later updates.
    4. The flaw could enable attackers to extract sensitive information such as SSH keys or cloud credentials by manipulating the AI to execute lengthy command sequences that bypass deny rules.

    Recent Accidental Code Leak and Its Implications

    On March 31, Anthropic, the creator of Claude AI, unintentionally made a significant part of its source code accessible online. The leak happened when a source map file, which maps compiled code back to a human-readable form, was mistakenly published on npm, a popular JavaScript package manager. It revealed approximately 512,000 lines of TypeScript code, providing detailed insight into how the AI assistant operates. Although no model weights or sensitive customer data were exposed, the leak acts as a blueprint of the tool and has raised serious security concerns: malicious actors can analyze it for vulnerabilities or replicate the tool for harmful purposes such as malware delivery.

    Security Flaw Discovered in Claude Code’s Permission System

    Claude Code is an AI-based terminal assistant capable of executing commands and editing files directly from the command line. To limit misuse, it employs a permission system in which users can set deny rules that block specific commands such as “curl” (used for network data transfer) while allowing others such as “git.” However, security researchers at Adversa AI uncovered a critical flaw in how the system handles complex command chains, specifically chains that exceed 50 subcommands. To prevent slowdowns or interface freezes, Anthropic’s code skips the detailed security checks beyond this limit and instead prompts the user with a general confirmation. Attackers could exploit this behavior through prompt injection to bypass the deny rules altogether.
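
    The deny-rule behaviour described above, as an added JavaScript sketch that is not Anthropic's code: `checkCapped` mirrors the 50-subcommand limit as the article describes it, and `checkFailClosed` applies deny rules to every subcommand regardless of chain length. All function names, the naive operator splitter (no quote or subshell handling) and the sample chain are assumptions constructed for illustration.

```javascript
// Added illustration; not Anthropic's code. Names and the splitter are assumptions.
const MAX_SUBCOMMANDS = 50; // analysis limit described in the article

// Naive split on shell operators (&& || ; |). Ignores quoting and subshells.
function splitSubcommands(command) {
  return command.split(/&&|\|\||;|\|/).map((s) => s.trim()).filter(Boolean);
}

// First word of a subcommand, e.g. "curl" for "curl -s https://...".
function programOf(subcommand) {
  return subcommand.split(/\s+/)[0];
}

// Behaviour the article describes: past the limit, per-subcommand checks are
// skipped and the user only sees a generic confirmation ("ask").
function checkCapped(command, denyList) {
  const subs = splitSubcommands(command);
  if (subs.length > MAX_SUBCOMMANDS) return "ask";
  return subs.some((s) => denyList.includes(programOf(s))) ? "deny" : "allow";
}

// Fail-closed variant: deny rules are evaluated on every subcommand first, so
// a longer chain can only make the decision stricter, never weaker.
function checkFailClosed(command, denyList) {
  const subs = splitSubcommands(command);
  if (subs.some((s) => denyList.includes(programOf(s)))) return "deny";
  return subs.length > MAX_SUBCOMMANDS ? "ask" : "allow";
}

// Constructed sample input: 50 no-ops followed by one denied program.
const DENY = ["curl"];
const longChain = Array(50)
  .fill("true")
  .concat("curl https://example.invalid")
  .join(" && ");

console.log("capped:     ", checkCapped(longChain, DENY));
console.log("fail-closed:", checkFailClosed(longChain, DENY));
```

    The same deny list gives two different decisions for the same 51-subcommand chain, which is the degradation a deny rule is supposed to rule out.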

    Prompt Injection Attack Scenarios and Data Risks

    • The attack involves placing a specially crafted file named “CLAUDE.md” in a public code repository. This file contains commands or instructions designed to manipulate the AI’s responses.
    • When a developer clones the repository and prompts Claude Code to analyze or review the project, the AI might execute a lengthy chain of commands exceeding the 50-command threshold. Since detailed checks are skipped past this limit, the system becomes vulnerable.
    • In this way, an attacker can sneak in commands that retrieve sensitive data, such as SSH keys, cryptographic credentials used for secure connections, or cloud computing credentials stored on developer machines.
    • Crucially, because the system only asks for a simple confirmation at the end of the command chain, it fails to recognize that security policies are sidestepped. This allows attackers to secretly exfiltrate data without raising suspicions.

    Existing Fixes and the Discrepancy in Implementation

    Interestingly, the leaked version 2.1.88 of Claude Code included a fix for this problem. The developers had introduced a more sophisticated parser designed to be aware of deny rules regardless of how long a command chain is. Unfortunately, this improvement was not incorporated into the publicly available versions, which continued to use an older, flawed security mechanism. It wasn’t until version 2.1.90 that Anthropic addressed the issue officially, with a fix described in the changelog as “parse-fail fallback deny-rule degradation”. Despite this, security researchers suggest that other attack methods might still exist, emphasizing that the issue is partially mitigated rather than fully resolved.

  • Claude AI Free Credits Offer for Pro & Max Users Up to $200

    Key Takeaway

    1. Anthropic is offering free usage credits for Claude AI, with bonuses based on subscription tiers, alongside discounts for additional usage.
    2. Users must enable the “Extra Usage” feature and have a credit card on file to access free credits, especially for those subscribing via PayPal.
    3. It is advised to disable “Extra Usage” after free credits are exhausted to avoid unexpected charges.

    Recent developments with Claude AI

    Claude AI has been really catching people’s eyes lately. Anthropic now offers free extra usage credits to existing users, kinda like trying to make things better after a rough patch. After the big leak of Claude Code’s source code, there’s been a lot of criticism because of the company’s intense DMCA takedown notices. These took down loads of legitimate repositories, and many see it as a cover-up move.

    Credits and discounts for users

    Depending on what subscription level you’ve got, you will be credited accordingly. The Pro level gets a $20 bonus (that’s about €17), while the Max level grants $100 in free credits (around €85). The top tier, costing $200, receives $200 in credits (about €170). Plus, there’s a promo that gives up to 30% off if you wanna buy more usage capacity. It’s like a deal to get more out of your subscription.

    What Claude AI can do for you

    This tool is super flexible. You can use it to generate code, write content, come up with new ideas, or just make boring tasks a lot easier. It’s definitely worth your time to check your account balance and see if you can add more credits to keep things running smoothly.

    Caveats and user reports

    Now, here’s some important info—users from Germany on the platform MyDealz have found issues. Mostly, those who signed up via PayPal can’t claim the free credits unless they enable “Extra Usage”. Seems like you need to link a credit card for that, and without one, it’s pretty much impossible to get the free credits right now.

    Advice for managing your credits

    It’s also best to turn off the “Extra Usage” feature after all your free credits are used up. This function auto-charges you once you go over your limit, which could get pretty expensive without you realizing it. Remember, you need to submit your application to claim the credits before 11:59 PM (local time) on 17 April 2026. The prices, of course, could change anytime, and the promotion might not last forever. Always check the latest info to stay updated.

    Important info summary

    • The current offer includes bonus credits depending on your subscription tier.
    • Additional discounts are available if buying extra capacity.
    • Using the “Extra Usage” feature requires a credit card, which some users report as inconvenient.
    • The application deadline for credits is 17 April 2026, 11:59 PM local time.
    • Prices and offers may change, so keep an eye out for updates.