Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Axios is a widely used JavaScript HTTP client that developers rely on to send requests between applications and web services.
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
Cybernews

ChatGPT retrieved internal company files in 42 milliseconds when asked a single question

According to Sola Security, a single ChatGPT prompt triggered a mass file retrieval, and none of the company’s monitoring ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
PCMag on MSN

Is Your Browser Handing Out Your Credit Card Info? Check This Setting ASAP

Saving payment details in your browser might seem convenient, but it can leave you vulnerable to malware, data breaches, and ...

Midjourney engineer debuts new vibe coded, open source standard Pretext to revolutionize web design

It allows developers to treat text as a fluid substance that can be recalculated every single frame without dropping a beat.