Gate News message, March 31, Anthropic accidentally leaked 510,000 lines of source code for Claude Code in a routine npm update, including critical debugging files, exposing the complete architecture of this flagship AI coding tool. It is reported that the tool generates about $2.5 billion in recurring annual revenue for the company.
Security researcher Chaofan Shou found a source-code mapping file in the Claude Code 2.1.88 version and posted a download link on X (Twitter). The code spread quickly across GitHub within hours, accumulating tens of thousands of forks, and Anthropic subsequently issued a DMCA takedown notice. This leak happened five days after another CMS misconfiguration leaked about 3,000 internal files, including details of the unreleased “Mythos” model; within a week, two unexpected incidents have raised concerns in the market about Anthropic’s $350 billion valuation and its planned IPO in Q4 2026.
The leaked files reveal an internal feature called “Undercover Mode,” designed to prevent Claude from leaking confidential information, while also exposing 44 feature flags, the unreleased back-end daemon process KAIROS, and the internal codename “Capybara” for a Claude 4.6 variant. Anthropic said this was an inadvertent packaging error. Enterprise customers make up 80% of Claude Code revenue and now face risks of exposure to security-logic and permission-bypass techniques.
Korean-Canadian developer Sigrid Jin was reported to have cashed in on 25 billion Claude Code tokens; after the leak, he reworked the Python code and received 50,000 GitHub stars within two hours. This indicates that despite the risks posed by the leak, open-source the community’s interest in Claude Code remains extremely high.
The incident highlights the importance for AI enterprises to strengthen code security and internal permission management before an IPO, and it also serves as a reminder for investors and institutions to watch how potential technical risks affect market valuations. As Anthropic faces increased scrutiny, its prospects ahead of going public may experience significant volatility.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Circle Faces Class Action Lawsuit Over $280M Drift Protocol Exploit Response
Circle Internet Group is facing a class action lawsuit for failing to quickly halt a $280 million exploit involving its Cross-Chain Transfer Protocol, as investors claim it could have intervened. The lawsuit highlights Circle's prior ability to freeze funds, raising questions about their responsiveness.
GateNews2m ago
Ethereum Foundation: Ketman project identifies 100 North Korean agents within six months
According to an ETH Rangers project recap report published by the Ethereum Foundation on April 17, 2026 (Thursday), within its six-month funding period the Ketman project funded by the Ethereum Foundation identified 100 North Korean IT workers using false identities to infiltrate Web3 organizations, and contacted roughly 53 crypto projects to warn them they may have hired active North Korean agents.
MarketWhisper23m ago
Kyrgyzstan Crypto Exchange Grinex Hit by $15M Hack, Exposing Russia Sanctions Evasion Network
A cyberattack on Grinex, a Kyrgyzstan cryptocurrency exchange, exposed a network allegedly helping Russia evade sanctions. Hackers stole $15 million, targeting Grinex and the linked TokenSpot. Grinex, viewed as a continuation of the sanctioned Garantex, faces scrutiny for facilitating transactions linked to sanctioned entities.
GateNews1h ago
Polymarket Audits Builders Program Startups Over Insider Trading Concerns - Unchained
Polymarket has initiated an audit of its Builders Program after finding third-party tools that may facilitate insider trading by mimicking successful trades. The review follows scrutiny over potential market abuse linked to these apps.
UnchainedCrypto2h ago
CoW Swap Pauses Protocol After DNS Hijacking Redirects Frontend to Malicious Site - Unchained
CoW Swap suspended its protocol on April 14, 2026, after a DNS hijacking redirected users to a phishing site. The platform's security firm alerted users to revoke wallet approvals. The underlying smart contracts were safe, but backend and APIs were paused as a precaution.
UnchainedCrypto2h ago
Circle faces a class action lawsuit from Drift; USDC freeze obligations spark legal debate
Representing more than 100 members, Joshua McCollum, a Drift Protocol investor, filed a lawsuit against Circle on Wednesday in the U.S. District Court for the District of Massachusetts. The lawsuit alleges that in the April 1 theft incident involving approximately $280 million worth of Drift Protocol, Circle allowed the attacker to transfer roughly $230 million USDC to Ethereum via a cross-chain transfer protocol.
MarketWhisper3h ago
