The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

「Node.js」にセキュリティリリース ~全9件の脆弱性を修正

「Node.js」のセキュリティアップデートが、3月24日(米国時間)に実施された。今回リリースされたバージョンは、以下の通り。できるだけ早い更新が望ましい。 電子書籍リーダー Amazon 電子書籍リーダー の売れ筋ランキング ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...