Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

AI finds critical ImageMagick vulnerabilities in default configurations

An AI pentesting tool has discovered critical vulnerabilities in default ImageMagick configurations. Workarounds offer ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...

Claude Code unintentionally open source: Source map reveals all

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm ...

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

Nestle says thieves stole 12 tons of KitKat chocolate bars

"We've always encouraged people to have a break with KitKat," the company said, "but it seems thieves have taken the message too literally." ...

AI researchers are coming: What will happen to science?

A fully automated AI researcher has produced a paper that meets scientific standards. This could accelerate scientific ...