Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
SecurityWeek

TeamPCP Moves From OSS to AWS Environments

The TeamPCP hacking group has been using credentials stolen in the recent OSS campaign to enumerate and compromise AWS ...
CSO Online

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...
PC World

Installing an AI assistant on your PC? 5 do’s and don’ts

PCWorld examines essential safety practices for new personal AI assistants like Claude Cowork and Perplexity’s Personal Computer that offer extensive desktop control capabilities. These AI tools can ...
AZ Central

ClawHavoc Malware Found in 539 OpenClaw Skills, ClawSecure Reports

Audit identifies credential harvesting, C2 callbacks, and data exfiltration patterns across 18.7% of the most popular OpenClaw agent skills, ClawSecure reports ClawSecure’s audit found ClawHavoc ...
Forbes

10 Ways To Secure OpenClaw And Still Get Real Value

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. In this photo illustration, the OpenClaw logo is seen on a smartphone screen. (Photo ...