The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

This Argentine Billionaire’s Startup Vercel Is One Of Claude Code’s Go-To Web Hosting Tools

One of the most popular ways to view the Epstein Files, an interface called Jmail that mimics a Gmail inbox, is hosted on ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Group’s report highlights how guns in the US get from legitimate stores to crime scenes

The group Everytown for Gun Safety used court records to trace more than 250 guns bought at nearly two dozen Academy Sports + ...

Spotify seeks $300M from Anna’s Archive, which ignores all court proceedings

Spotify and major record labels are seeking a $322 million default judgment from Anna’s Archive, which hasn’t responded to ...
The Hill

DOJ publishes some missing Epstein files with uncorroborated Trump claims

The Justice Department has released more documents from the Jeffrey Epstein files related to allegations against President Trump, a move that came after the department was pressured to review its ...
Business Insider

Amazon says it could take at least a day to restore data centers hit by 'objects' in the UAE

Amazon Web Services had a power outage at one of its facilities in the United Arab Emirates on Sunday. Amazon said it could take at least a day to bring the data center back online. The fire was ...