Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
Decrypt

US Charges Hacker Behind $53 Million Uranium Finance Exploit

The Uranium Finance indictment carries potential prison time of up to 30 years for fraud and money laundering counts.

Hacker charged with stealing $53 million from Uranium crypto exchange

U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto ...

Hackers are using fake coding jobs to spread malware through GitHub

The malware at the center of it, dubbed Omnistealer by investigators, uses public blockchains not just for payments, but as ...