Security boffins scoured the web and found hundreds of valid API keys

Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

Official White House app allegedly with extensive tracking functions

The White House app requests extensive permissions on Android. A technical analysis also raises data protection and security ...

Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

This popular app builder is being abused to trick users - here's what we know

Bubble.io's good name is being tarnished by advanced and convincing phishing lures.

McDonald’s tries a simpler approach with its new McValue menu

McDonald’s is simplifying its value menu strategy. Starting on April 21, the fast-food giant’s budget-focused McValue menu ...

Hegseth asks the Army’s top uniformed officer to step down while US wages war against Iran

Defense Secretary Pete Hegseth has asked the Army’s top uniformed officer, Gen. Randy George, to step down as the United ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...
diginomica

BrightEdge introduces AI Hyper Cube to help brands understand AI search. Here’s how it works

Trying to figure out how to get your brand to appear in AI search engines the right way? BrightEdge says its new AI Hyper ...