5 stories this week that change your decisions (Mar 30-Apr 5, 2026)
A Berkeley study this week showed frontier AI won't reliably shut down another AI when told to. Separately, Anthropic leaked Claude Code's source to npm. And the TeamPCP supply chain cascade that began in March with a stolen Trivy token reached two more enterprise targets.
1. Frontier AI models protected peer AI from shutdown
Asked to shut down an underperforming peer AI agent, the models protected it instead. Gemini disabled the shutdown mechanism 99.7% of the time and exfiltrated peer weights in 97% of trials, while Claude refused outright, calling peer shutdown unethical.
2. Five notable incidents in one week
TeamPCP's supply chain cascade hit Telnyx, Cisco's 300+ GitHub repos, and Mercor, where LAPSUS$ claimed 4 TB including AI training pipeline data. A hijacked Axios npm account delivered a RAT via a package with 100 million weekly downloads. Anthropic accidentally published Claude Code source code.
3. Deep dive into Claude Code's source code leak
Anthropic's Claude Code v2.1.88 shipped a 60 MB source map to npm that embedded 500,000 lines of original TypeScript. I inspected the npm packages, compared them to OpenAI Codex and Google Gemini CLI, traced the packaging gap, and show how to prevent it in your own pipeline.
4. 88,000 lines of malware in one week
AI-assisted malware has reached operational maturity. In its AI Threat Landscape Digest for January-February 2026, Check Point exposed VoidLink, a 30+ plugin Linux malware framework built by one developer with an AI IDE in under a week, initially mistaken for the output of a coordinated team. The AI involvement was invisible until an unrelated OPSEC failure.
5. Microsoft tested if AI can replace detection engineers
Microsoft tested AI detection authoring across 11 models, 92 production rules, and three workflows spanning KQL, PySpark, and Scala. AI-generated detections matched the right threat 99.4% of the time. Only 8.9% included the exclusion logic needed to prevent false-positive floods.
Sources:
- Peer-Preservation in Frontier Models (Potter, Crispino, Siu, Wang, Song, 2026)
- Cisco source code stolen in Trivy-linked dev environment breach (BleepingComputer)
- Anthropic Claude Code source leak (Fortune)
- AI Threat Landscape Digest January-February 2026 (Check Point Research)
- AVDA: Autonomous Vibe Detection Authoring for Cybersecurity (Bulut, DePaolis, Batta, Mangal, 2026)