What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

How can an extension change hands with no oversight?

Another Earth CEO and co-founder Maya Pindeus (right) says the startup’s synthetic satellite data addresses a key bottleneck in Earth observation AI. Credit: Another Earth TAMPA, Fla. — A Vienna-based ...

If it feels like data breach letters are arriving more often than junk mail, you're not imagining it. A new report from the Identity Theft Resource Center says data breaches hit a record high last ...

Anthropic just released a “memory” tool that allows Claude users to copy their chats from other AI chatbots, giving those who want to switch over to Claude from ChatGPT, Gemini, and Copilot an easy ...

The US government’s release of its Epstein files has set off tremors among the world’s elite. A former prince was stripped of his title and arrested. Ambassadors have been sacked and also arrested.