Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
XDA Developers on MSN

I automated my entire read-it-later workflow with a local LLM so every article I save gets summarized overnight

No more fighting an endless article backlog.
CBS News

Cybersecurity experts explain how surveillance footage of Nancy Guthrie's home was recovered

Anna Schecter is the senior coordinating producer for CBS News and Stations' Crime and Public Safety Unit, based in New York. Investigators with the FBI and Pima County Sheriff's Department said they ...
The Verge

Why ‘deleted’ doesn’t mean gone: How police recovered Nancy Guthrie’s Nest Doorbell footage

Investigators pulled video from ‘residual data’ in Google’s systems — here’s how that was possible and what it means for your privacy. Investigators pulled video from ‘residual data’ in Google’s ...
ZDNet

Why people keep flocking to Linux in 2025 (and it's not just to escape Windows)

The Linux desktop has continued its slow growth. Linux has been making gains in no small part because of Microsoft Windows' blunders. Users and governments have been losing trust in Windows and ...
The Hacker News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have ...