Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

ENFORCEAUTH IDENTIFIES AUTHORIZATION FAILURES AS ROOT CAUSE OF ANTHROPIC’S THREE SECURITY INCIDENTS IN FIVE DAYS

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...
Morning Overview on MSN

Suspected North Korean hackers compromise widely used US software

Suspected North Korean hackers have compromised Axios, one of the most widely used JavaScript libraries in American software ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Google launches Gemma 4 AI models for data centres and smartphones: What CEO Sundar Pichai and Demis Hassabis have to say

Google has unveiled Gemma 4, its most capable open-source AI model family, designed for broad accessibility from data centers ...
Cyber Daily

Code red: North Korean hackers behind compromised Axios npm package

Experts have pinned the attack on “one of npm’s most depended-on packages” on hackers backed by the Democratic People’s ...
Arabian Post

Axios breach exposes npm supply chain risks

A compromise of the widely used Axios software package has triggered fresh concern over open-source security after attackers used a hijacked maintainer account to publish poisoned versions carrying ...
The Hacker News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.