GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

The key is that researchers can see how Claude Code is meant to work but cannot recreate it because the leak does not include ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...

U.S. judge upholds decision to block Fed Chair Jerome Powell subpoenas

A U.S. judge on Friday stood by his prior decision to block subpoenas issued in a criminal investigation into Federal Reserve ...
MacGeneration on MSN

Cloudflare s’attaque à WordPress en lançant son propre CMS

Cloudflare entend occuper une place encore plus importante sur le web. Déjà essentielle pour de nombreux services en tant que ...

Apple releases iOS 18.7.7 to block DarkSword, and these iPhone users need to update immediately

Apple has released critical updates for millions of iPhone and iPad users to combat the 'DarkSword' hacking toolkit. This ...
The Solihull Observer

M6 closures as second HS2 viaducts is installed

THE M6 interchange sliproad near Chelmsley Wood is set to close as HS2 engineers install the second viaduct over the motorway ...
Batiactu

Hausses de coûts "exagérées" : le ministre incite les TPE du BTP à saisir le médiateur

CRISE. Le gouvernement est conscient des difficultés auxquelles sont confrontées les PME et TPE du BTP. Des réflexions sont en cours sur le sujet. #BatiActu ...