Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.
MIT Technology Review

The Download: gig workers training humanoids, and better AI benchmarks

Zeus is a data recorder for Micro1, which sells the data he collects to robotics firms. As these companies race to build ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

North Korean hackers blamed for hijacking popular Axios open source project to spread malware

A hacker inserted malware in Axios, an open source web tool downloaded tens of millions of times weekly, in a widespread hack ...
PCMag

Hacker Tries to Spread Malware to Millions by Hitting 'Axios NPM' Software

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
MIT Technology Review

The Download: AI health tools and the Pentagon’s Anthropic culture war

Plus: California has defied Trump's demands to stop AI regulation. This is today's edition of The Download, our weekday ...

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

When somebody sends you a document as an attachment, don't just open it. Use the free tool Dangerzone to scrub it clean of ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Your Kindle just got better at handling USB-transferred PDFs

USB-transferred PDFs now support highlights, notes, and improved navigation. Kindle Scribe adds direct writing on sideloaded PDFs Amazon is rolling out a new software update to its Kindle devices, ...
The Caledonian-Record

Judge seeks update on Customs' progress toward tariff refunds

A judge ordered the U.S. Customs and Border Protection to provide an update on the agency's progress toward issuing refunds ...