A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

Someone has publicly leaked an exploit kit that can hack millions of iPhones

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions ...
TidBITS

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers have discovered DarkSword, a sophisticated exploit chain targeting iOS 18.4 through 18.7.2. Unlike past spyware aimed at high-profile targets, DarkSword is being surreptitiously ...
XDA Developers on MSN

5 of the best self-hosted services to automate your life

Tired of tedious tasks taking up your free time? You're going to love these amazing automation tools ...

Anthropic just shipped an OpenClaw killer called Claude Code Channels, letting you message it over Telegram and Discord

The consensus among early adopters is that Anthropic has successfully internalized the most desirable features of the ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Morningstar

P3 Media Unveils Modernized Shopify Experience for Save My Server Featuring Enhanced Server Configuration, Pricing, and Quote Management

NEW YORK, Jan. 21, 2026 /PRNewswire/ -- P3 Media, a Shopify Platinum Partner recognized for its leadership in complex commerce transformation, today announced the successful relaunch of Save My Server ...
gematsu

THE CUBE, SAVE US ‘Server Slam Test’ set for February 19 to 22

XLGAMES will host a “Server Slam Test” for extraction action game THE CUBE, SAVE US from February 19 to 22, the company announced. It will be available for PC via Steam. Here is an overview of the ...
The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...