The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

How I vibe-coded a web tool in three days with no programming experience

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.
Morning Overview on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

U.S. judge upholds decision to block Fed Chair Jerome Powell subpoenas

A U.S. judge on Friday stood by his prior decision to block subpoenas issued in a criminal investigation into Federal Reserve ...
Opinion
Foreign AffairsOpinion

America and Israel Have Different Endgames in Iran

But it has done little to resolve the strategic incoherence at the heart of the U.S.-Israeli campaign that neither government has been willing to acknowledge publicly: the two partners have been ...
MUO on MSN

I archive every webpage the moment I bookmark it and I've never lost a saved link since

Bookmarks break, this extension makes sure mine never do.
Ecommerce Fastlane

Your Store Now Has Two Customers: The Shift Every Shopify Merchant Needs to Understand

Your store has a new customer. It doesn't have eyes. It doesn't feel urgency from a countdown timer. It evaluates your data ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

For many civilians in the Middle East, missile attacks come without shelter or warning

It was just before 8:30 a.m. on a recent Thursday when the giant metal tube − the fuel tank of an Iranian ballistic missile ...