
Claude Code: the week everything went off the rails
AI Summary
This week has been eventful, prompting questions about whether we're in a parallel universe. Here are five significant news items, starting with a leak of Claude Code's source code.
On March 31, 2026, security researcher Chao Fanchou discovered that Claude Code's official npm package, version 2.1.88, published the day before, contained a 60 MB `Cli.JS.map` file. A source map links compiled, often unreadable, code back to its original source; it is a debugging tool and is not meant to ship in production. In this instance, the map included the `sourcesContent` field, which embeds the complete original TypeScript files in readable form. The source code was directly downloadable as a ZIP from Anthropic's R2 bucket, and within hours copies were circulating on GitHub. This wasn't a hack but a packaging error: a debug file was mistakenly included in the production build, which shows that even leading AI teams fall victim to common mistakes. Developers are advised to verify what they publish to npm before tagging a release.
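A pre-publish check in the spirit of that advice, as an added example that is not Anthropic's code: it parses a source map, reports whether `sourcesContent` embeds original files, and flags any `.map` in a package file list that would leak them. The file list and map contents below are constructed samples, not the leaked package.

```javascript
// Audit one source map (JSON text). The danger flag is a non-empty
// "sourcesContent" array: it carries the full original text of every
// path listed in "sources", so shipping it publishes the source.
function auditSourceMap(mapText) {
  const map = JSON.parse(mapText);
  const sources = Array.isArray(map.sources) ? map.sources : [];
  const contents = Array.isArray(map.sourcesContent)
    ? map.sourcesContent.filter((s) => typeof s === 'string')
    : [];
  const embeddedBytes = contents.reduce((n, s) => n + Buffer.byteLength(s, 'utf8'), 0);
  return {
    sourceFiles: sources.length,
    embedsSource: contents.length > 0,
    embeddedBytes,
    // Paths pointing outside the package root widen what a reader learns.
    externalPaths: sources.filter((p) => p.startsWith('..') || p.startsWith('/')),
  };
}

// Scan a file list shaped like the tarball `npm pack` would produce:
// [{ path, content }]. Returns only the maps that embed source text.
function findLeakyMaps(files) {
  return files
    .filter((f) => f.path.endsWith('.map'))
    .map((f) => ({ path: f.path, ...auditSourceMap(f.content) }))
    .filter((r) => r.embedsSource);
}

// Constructed sample: a bundle plus the debug map that should never ship.
const SAMPLE_FILES = [
  { path: 'package/cli.js', content: 'console.log("hi");//# sourceMappingURL=cli.js.map' },
  {
    path: 'package/cli.js.map',
    content: JSON.stringify({
      version: 3,
      file: 'cli.js',
      sources: ['../src/cli.ts', '../src/secrets.ts'],
      sourcesContent: ['export const main = () => {};', 'export const KEY = "internal";'],
      mappings: 'AAAA',
    }),
  },
];

const leaks = findLeakyMaps(SAMPLE_FILES);
for (const l of leaks) {
  console.log(`${l.path}: embeds ${l.sourceFiles} files (${l.embeddedBytes} bytes), ` +
              `${l.externalPaths.length} paths outside the package`);
}
```

Run it against the unpacked output of `npm pack` in CI and fail the release if `findLeakyMaps` returns anything.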
Next, Claude now controls your Mac. On March 23, 2026, Anthropic announced a new feature allowing Claude to directly control a computer. It can open apps, navigate browsers, fill spreadsheets, and use development tools without any per-application setup or API configuration. Claude works in a loop: it captures the screen state, interprets what it sees, decides on an action, executes it, and repeats. It prioritizes existing connectors like Slack, Gmail, and Google Calendar, and falls back to keyboard, mouse, and screen control when no direct integration is available. This feature integrates with "Dispatch," released the previous week, so users can assign tasks to Claude from their iPhone and let it work remotely. However, the feature is in "research preview," available only on macOS for Pro and Max subscribers. Claude can make errors, and prompt injection risks exist. Certain applications, such as trading platforms, crypto apps, and banking data, are blocked by default, and Anthropic advises against using it with sensitive data for now.
Third, a caching bug is affecting Claude Code quotas. Starting March 23, users reported abnormal session window depletion, with 5-hour sessions lasting only 1.5 hours or less despite unchanged usage patterns. Some subscribers on €200 plans complained that a single prompt consumed 7% of their session quota. Anthropic's official response states that they deliberately adjust session limits during peak hours (1 PM to 7 PM) because of increased demand, while total weekly limits remain unchanged. In practice this means faster consumption during peak hours and slower consumption off-peak. Developers found this hard to reconcile with a tool costing $100-200 per month. A Reddit user's analysis suggested that instead of reusing the cache, which is 10 times cheaper in tokens, Claude sometimes re-tokenizes the entire context from scratch, multiplying consumption by 10 or even 20 in long agentic sessions. Anthropic has confirmed an investigation, flagging the bug as a regression and assigning it internally, but no fix had been announced as of March 31.
Fourth, the npm library Axios was compromised, with two malicious versions published between March 30 and 31. Axios is one of the most used JavaScript packages, with 100 million weekly downloads. The maintainer's GitHub account was compromised and its email address changed to a Proton Mail address. A malicious dependency was added to the package; it triggered a post-install script at installation time, even if the application never called Axios. This dropper contacted a C2 server, downloaded an OS-specific payload (Mac, Linux, or Windows), and then self-destructed to erase traces. It is a textbook supply chain attack: one compromised library compromises every project that depends on it. Although the malicious versions were removed from the npm registry within three hours, many users were affected. The lesson is that `npm install` can execute installation scripts, so the attack surface extends beyond the application itself to everything that builds it.
Finally, Claude Code found 22 Firefox vulnerabilities in two weeks. On March 6, 2026, Anthropic published results from a collaboration with Mozilla. In January and February, Opus 4.6 discovered 22 vulnerabilities in Firefox, 14 of which were severe. These 22 vulnerabilities represent one-fifth of all high-severity vulnerabilities found in Firefox in 2025. Claude was highly effective, and Mozilla mobilized engineers to validate the findings. This contrasts sharply with Claude Code exposing its own source code through a misconfigured source map, a classic error. Yet Claude is simultaneously used to secure a browser with hundreds of millions of users, at a speed human teams cannot match. This dichotomy sums up early 2026 in AI: powerful tools making classic errors, with every move closely watched by the community.