Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Silicon CanalsOpinion

A single maintainer, a fake company, and a three-hour window: inside the Axios supply chain hijack

The most widely used JavaScript HTTP library on the internet — embedded in millions of production applications, relied on by ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
The Caledonian-Record

Evolv Technology to Release First Quarter Financial Results on May 12, 2026

Evolv Technologies Holdings, Inc. (NASDAQ: EVLV), a leading security technology company pioneering AI-based solutions designed to help create safer experiences, today announced that the Company will ...

Alleged North Korean Hack Of US Companies Could Take 'Months' To Recover From

Discover the details of the North Korean hack on Axios software. We explain how the UNC1069 group is stealing US ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
TechJuice

Hackers Are Now Spreading Malware Using Claude Code Leak on GitHub

Hackers are exploiting Anthropic's accidental Claude Code source leak to distribute Vidar and GhostSocks malware through fake ...
The Caledonian-Record

Vishay Precision Group Announces Date for Its First Quarter Fiscal 2026 Earnings Conference Call

Vishay Precision Group, Inc. (NYSE: VPG), a leader in precision measurement and sensing technologies, will release its financial results for the first ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...

Google Core Update, Crawl Limits & Gemini Traffic Data – SEO Pulse

Google's March core update is rolling out. Illyes explains Googlebot's crawling architecture, and Gemini referral traffic ...
Silicon Canals

A three-hour window: North Korean hackers compromised the Axios library and exposed thousands of systems

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.