Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

The attackers swapped the account's email address for an anonymous ProtonMail inbox and pushed the infected packages manually ...
Cybernews

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Language package managers like pip, npm, and others pose a high risk during active supply chain attacks. However, OS updates ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Trump voices outrage after judge orders halt to White House ballroom project

A preservationist group launched legal action to stop Donald Trump's plan to build a 90,000sq ft ballroom on the site of the ...

A couple spent $18,000 to turn a simple shed into a cozy library. Now, it's a reader's paradise.

Jess Ciesla loves books so much that she wanted a dedicated space to read. She and her partner spent $18,000 to build a ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Alberta Education Minister introduces wide-ranging bill meant to remove ‘ideology’ from classrooms

Alberta is introducing legislation to remove “ideology” from classrooms by prohibiting teachers and school boards from making ...
Techlomedia

Malicious Axios Versions Published on npm in Major Supply Chain Attack

A new report from StepSecurity has uncovered a serious supply chain attack involving Axios, one of the most widely used HTTP ...