A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Clinical trial data reviewed by NICE shows that semaglutide reduced the risk of serious cardiovascular events, including ...

Claude extension flaw allowed zero click attacks, letting hackers inject commands and access sensitive user data.

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.

The launch of Moltbook, a social network for AI agents, will go down as the most intriguing mass agentic AI experiment we’ve ...

Discover 7 enterprise infrastructure tools that reduce engineering workload, speed deployment, and eliminate months of manual ...