Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
The Caledonian-Record

Highflame Launches ZeroID, an Open-Source Identity Platform for Autonomous AI Agents

Highflame, an AI security company building agent control and governance infrastructure, today announced the open-source release of Highflame Identity Platform called ZeroID, a purpose-built identity ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Salesforce bets on conversation as the new interface for developers

According to the company, this opens a whole new horizon. It also means developers can bring their favorite coding agents ...

Claude Code Leak 2026: Why Teams Are Turning to AICC for Stable Multi-Model AI API Integration

SHENZHEN, GUANGDONG, CHINA, April 3, 2026 /EINPresswire.com/ -- On March 31, 2026, Anthropic released version 2.1.88 of ...
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
The American Bazaar

Cybersecurity firm identifies 108 malicious Chrome extensions affecting 20,000 users

All 108 route stolen credentials, user identities, and browsing data to servers controlled by the same operator," Security Researcher Kush Pandya said in an analysis ...

108 Google Chrome Extensions Are Stealing User Data, Over 20,000 Users Affected

Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...