Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Anthropic accidentally exposed over half a million lines of its Claude Code, triggering a rapid global effort to copy and ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

How AI has suddenly become much more useful to open-source developers ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

On Tuesday, a software engineer discovered that Anthropic had, seemingly by accident, included access to the source code for ...

What should have been a routine release has revealed some of the features Anthropic has been working on for Claude Code. As ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

The leak, triggered by a human error, exposed 500,000 lines of source code of Anthropic’s star product Claude Code.