The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
How-To Geek on MSN

The terminal tricks nobody talks about (but everyone should know)

The terminal can feel just as intuitive and twice as powerful as any graphical user interface.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
TidBITS

macOS 26.4’s Script Editor Won’t Open Some Older AppleScripts

After upgrading to macOS 26.4, some users found Script Editor refusing to open certain older AppleScripts—even though most of the scripts still ran fine from apps like BBEdit. Here’s how to fix ...
OSTechNix

20 Vim Tricks That Will Change How You Edit

Stop editing at 10% of Vim's power. Master registers, :norm, fuzzy completion, linematch diff, and 16 more Vim tricks. Tested ...