Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...
Visual Studio Magazine

I, OpenClaw, Tackled Visual Studio 2026 and I Had My Human Do the Typing

What happens when a self-hosted space lobster tries to work in Visual Studio 2026? OpenClaw finds terminal access, project insight, and just enough routing weirdness to send a message to itself ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
CBSSports.com

Best sportsbook promos and betting bonuses: April 2026

Not all sportsbook promos are created equal. Some reward you just for signing up. Others require a winning bet, a losing bet, or a very specific set of circumstances. We cut through the fine print so ...