In what could be one of the most significant AI-related leaks in recent times, Anthropic has accidentally exposed sensitive internal details of its AI tool, Claude Code. The incident has sparked serious discussions across the tech community, not just about security lapses—but also about how advanced AI systems are actually built behind the scenes.

What Exactly Happened?

The leak occurred when a debugging file—specifically a JavaScript source map (.map file)—was mistakenly included in a public release of the Claude Code package on npm.

This file, part of version 2.1.88 of the @anthropic-ai/claude-code package, was never meant for public access. Yet, once published, it opened the door to a massive amount of internal code becoming visible.

What followed was a rapid chain reaction.

How the Leak Spread So Fast

The issue was first spotted by Chaofan Shou, an intern at Solayer Labs, who shared the discovery on X (formerly Twitter). Within hours, developers across the world downloaded and mirrored the file.

The leak included a staggering 512,000 lines of TypeScript code—effectively giving outsiders a deep look into how Claude Code operates internally.

For a company like Anthropic, reportedly running at a $19 billion annualized revenue rate, this is more than just a technical slip—it’s a major intellectual property exposure.

The Most Important Discovery: “Self-Healing Memory”

One of the most fascinating insights from the leak revolves around how Claude Code handles long conversations without getting confused—a common problem in AI known as context loss or “context entropy.”

The leaked files revealed a sophisticated three-layer system often referred to as a “Self-Healing Memory” architecture:

• A central index file (MEMORY.md) that always stays active
• This file doesn’t store actual data but instead points to where data is stored
• Real information is saved in separate files and loaded only when needed

Instead of reloading entire conversations, the system uses keyword-based retrieval—making it faster and more efficient.

Even more interesting is its “Strict Write Discipline,” meaning the system only updates memory after successful operations. This reduces the chances of storing incorrect or corrupted data.

Another standout feature is that the AI treats its own memory as a “hint,” not a fact. It verifies information before using it—an approach that adds an extra layer of reliability.

Why This Matters for the AI Industry

This leak provides rare insight into how modern AI systems are evolving. Companies like OpenAI and Google are also working on similar challenges, but such internal approaches are usually kept highly confidential.

Now, developers and competitors alike have a glimpse into one of the solutions being used at scale.

Security Concerns Are Rising

While the technical revelations are fascinating, the leak also raises serious security questions.

With internal architecture now exposed, malicious actors could potentially look for vulnerabilities. The timing makes things worse—a separate supply-chain issue involving the axios npm package was reported around the same period, increasing the risk for developers who updated packages on March 31, 2026.

What Should Users Do Now?

In response to the situation, Anthropic has advised users to:

• Avoid using the affected npm version
• Switch to its official/native installer
• Follow a zero-trust security approach
• Rotate API keys and review system access

These steps are crucial to minimize any potential fallout from the leak.

A Costly Mistake or a Learning Moment?

For Anthropic, this incident is both a reputational and strategic challenge. While the leak exposes valuable technical innovation, it also highlights how even the most advanced AI companies are not immune to simple deployment errors.

At the same time, the broader tech community now has unprecedented insight into the inner workings of a cutting-edge AI system.

Whether this turns into a long-term setback or a learning moment for the industry remains to be seen—but one thing is certain: the Claude Code leak has changed the conversation around AI transparency, security, and competition.

There is a phrase that keeps echoing from the early weeks of the US-Iran conflict — confident, dismissive, quintessentially Trump: the Strait of Hormuz would “open itself.”

It hasn’t. And now, President Donald Trump is saying something very different.

From Ultimatums to Acknowledgment

In the opening weeks of the conflict, Trump repeatedly threatened Iran with a forceful military response if oil flows through the Strait of Hormuz were blocked. The message was clear — cross this line and face devastating consequences. The strait, he implied, was a problem that would resolve itself under American pressure.

But the reality on the ground told a different story entirely. And recently, as reported by Yahoo Finance, Trump acknowledged publicly what US officials had been quietly admitting in private — that Iran is already influencing traffic through the strait and has even begun charging transit fees to vessels attempting to pass.

“They shouldn’t be able to, but they’re doing it a little bit,” Trump said.

It is a remarkable shift for a president whose foreign policy posture rarely accommodates acknowledgment of an adversary’s leverage. He also noted that Iran had allowed “a small number of oil tankers to pass” during limited diplomatic contacts — a concession that itself reveals how dramatically the situation has changed.

The Numbers Tell the Real Story

Before the conflict began, the Strait of Hormuz was one of the busiest and most critical shipping lanes on earth — with more than 100 vessels passing through daily, carrying roughly one-fifth of the world’s oil and gas supplies.

Today, that traffic has collapsed. According to analytics firm Kpler and shipping journal Lloyd’s List, traffic through the strait has dropped by as much as 90 to 95% since early March — a near-total shutdown driven by attacks, mines, and security threats that have made the route commercially unviable for most shipping companies.

Many vessels are avoiding the route altogether. Others are allowed through selectively — on Iran’s terms. The Islamic Revolutionary Guard Corps (IRGC) has gone further, claiming “complete control” over the waterway.

Why the US Can’t Simply Fix This

Behind closed doors, the picture being painted by American officials is far less confident than the public messaging suggests. According to CNN, US officials have privately admitted that reopening the strait is far more complicated than they anticipated.

One intelligence official put it bluntly:

“One of the core conundrums of this conflict is the Iranians have real leverage… and there’s not an obvious fix.”

The reason is geography and tactics combined. The Strait of Hormuz stretches nearly 100 miles, giving Iran dozens of points along its coastline to deploy mines, missiles, drones, and small fast-attack boats. These are low-cost, hard-to-detect, and extremely difficult to neutralise comprehensively — even with the full weight of US and Israeli military strikes targeting Iranian capabilities.

Tehran doesn’t need aircraft carriers or advanced warships to choke this waterway. It just needs patience and the tools it already has.

The Economic Ripple Effect

The consequences are being felt far beyond the Persian Gulf. Oil prices have surged sharply, with some forecasts warning they could climb significantly higher if the crisis persists. Shipping and insurance costs have also spiked, further tightening already strained global supply chains.

For countries that depend on Hormuz for energy — across Asia, Europe, and beyond — this isn’t a geopolitical abstraction. It is fuel shortages, rising prices, and economic pain that is landing on ordinary people every single day.

Iran’s Unexpected Leverage

What the past weeks have revealed is something that quietly unsettles Washington’s strategic calculus — Iran entered this conflict holding a card that is extraordinarily difficult to counter. Control over the Strait of Hormuz has given Tehran leverage that no amount of airstrikes has been able to fully neutralise.

US officials acknowledge that restoring normal shipping will depend partly on negotiations and de-escalation — not just military pressure. That is a significant admission from a administration that began this conflict with overwhelming confidence in its military superiority.

Trump said it would open itself. Instead, Iran tightened its grip. And with the April 6 deadline now looming, the world is watching to see whether diplomacy can achieve what force so far has not.

A US federal court has sentenced Sital Singh, 43, to four years in prison after he was found guilty of running a sophisticated scam that drained millions of dollars from elderly victims across the United States — convincing them to hand over gold bars and coins to protect their life savings from a threat that never existed.

The sentence was handed down by US District Judge Matthew T. Schelp in St. Louis, Missouri, who also ordered Singh to pay a staggering $6.6 million in restitution to the victims whose lives were turned upside down by the scheme.

How the Scam Worked — And Why Elderly People Never Saw It Coming

The operation was as calculated as it was cruel. Overseas scammers — still at large — would cold-call elderly Americans, posing as tech support representatives or financial officials, warning them that their savings and retirement accounts had been compromised.

The solution? Buy gold bars or coins immediately to “secure” their funds — and hand them over to a courier who would come right to their door.

It was a lie. Every word of it.

But for victims — many of them in their 70s, 80s, and 90s — the fear of losing a lifetime of savings was enough. The overseas network alone collected an estimated $9.3 million from victims across the country.

The Roles: Handlers, Couriers, and a Paper Trail That Led to Court

Singh pleaded guilty to one count of conspiracy to commit wire fraud, along with four co-accused:

• Dariona Lambert, 24 — courier
• Zhamoniq Stevens, 24 — courier
• Chintankumar Parekh, 52 — handler
• Mehulkumar Darji, 42 — handler

According to prosecutors, Lambert and Stevens physically collected the gold from victims’ homes, while Singh, Parekh, and Darji coordinated the pickups behind the scenes and paid couriers in cash — keeping their hands clean while victims handed over everything they had.

Singh ran pickup operations in Collierville, Tennessee; Universal City, Texas; and Greendale, Wisconsin. Parekh coordinated collections across Arizona, California, Florida, North Carolina, and Pennsylvania. Darji handled gold in Scottsdale, Arizona; Largo, Florida; and La Jolla, California.

The Case That Broke It Open: An 82-Year-Old Woman and $250,000 in Gold

Court documents detail one case that lays bare the human cost of the operation.

An 82-year-old woman in St. Louis received a call from someone pretending to be a computer support agent. She was told her financial accounts had been hacked and was instructed to purchase approximately $250,000 worth of gold bars to safeguard her money.

She did exactly that.

In May 2024, Lambert flew from Gainesville, Florida to St. Louis to collect the gold. Parekh rented a car and drove her close to the victim’s home, after which Lambert took a rideshare to complete the pickup. FBI agents were waiting. Lambert was intercepted at the residence. Parekh, upon learning she had been caught, immediately fled to Pittsburgh.

It was the thread that unravelled the entire network.

‘They Lost the Money Saved for Their Disabled Child’

FBI St. Louis Special Agent in Charge Chris Crocker didn’t mince words when condemning the scheme.

He revealed that in one particularly heartbreaking case, a couple in their 90s lost the money they had spent decades saving — funds specifically set aside to care for their disabled adult child for the rest of his life.

Gone. In a phone call.

Two Defendants Face Deportation After Prison

Beyond the prison sentences, the case has an immigration dimension. Federal authorities confirmed that both Parekh and Darji are living in the United States unlawfully and will be deported after completing their sentences.

Parekh had overstayed his work visa. Darji had previously been removed from the country back in 2014 — and had returned.

Their sentences: both received four years in prison. Lambert was sentenced to two years, while Stevens received 18 months. All five defendants were ordered to pay restitution.

What You Should Know to Stay Safe

The FBI and Homeland Security Investigations — which jointly investigated this case, prosecuted by Assistant US Attorney Gwen Carroll — are urging anyone who has been targeted by cyber scams to report incidents through the FBI’s Internet Crime Complaint Center (IC3).

The message from authorities is simple: no legitimate government agency, bank, or tech company will ever ask you to buy gold to protect your money. If someone does — hang up.