Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Apple Releases Safari Technology Preview 241 With Bug Fixes and Performance Improvements

Apple today released a new update for Safari Technology Preview, the experimental browser that was first introduced in March ...
The Week

'Always-on agent' and AI pet 'Buddy': Anthropic’s Claude source code leak reveals hidden features

Anthropic's accidental leak has exposed Claude AI's internal code, revealing several unreleased features like Buddy, KAIROS ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Google Explains Why It Doesn’t Matter That Websites Are Getting Larger

Google explains why it doesn't matter that websites are getting heavier and the reason has everything to do with SEO.
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
NDTV Profit on MSN

iPhone-Hacking Tool DarkSword Is Now Public, And Anyone Can Misuse It — How To Keep Your Device Safe

Hundreds of millions of users and an estimated 2.5 billion devices are reportedly exposed to potential attacks.

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...