On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

What happens when researchers think outside the box? Data gets exfiltrated through DNS.

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and ...

Two critical-severity ShareFile vulnerabilities allow remote attackers to bypass authentication and execute arbitrary code.

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

NASA's Artemis II mission launched Wednesday from the Kennedy Space Center in Florida, sending four astronauts on a 10-day ...