Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Mercor says it was hit by cyberattack tied to compromise of open source LiteLLM project

The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from ...

The White House Launched Its Own App With A Glaring Privacy Issue

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.
PCMag

How Base44 Makes Building a Website as Easy as Writing an Email

Building a professional website is no longer about choosing the right template or implementing manual code syntax. It's about ...