Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Claude Code 2.1.88 leak exposed 512,000 lines via npm error, fueling supply chain risks and typosquatting attacks.

Cisco source code stolen in Trivy-linked dev environment breach

Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Cybernews

Dangerous iPhone hack code now leaked on GitHub – users urged to patch now

Dangerous iPhone hack code tied to DarkSword has reportedly leaked onto GitHub, raising fresh risks for users with older ...
Forbes

Password Hack Warning As New Threat Jumps From Your Laptop To Phone

Update, July 22, 2025: This story, originally published on July 20, has been updated with an expert counterpoint to the idea that it’s the delivery mechanism being what’s important in the latest ...