Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

Spread the loveIn a significant revelation in the landscape of cybersecurity, Google has attributed a recent supply chain attack targeting the popular Axios npm package to a North Korean threat group ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

A hacker inserted malware in Axios, an open source web tool downloaded tens of millions of times weekly, in a widespread hack ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

In response to growing concerns and discussions regarding the recent events surrounding the $THE token, THENA has issued a statement addressing the exploit and ...

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that evade standard code review.