Spread the loveIn a significant security incident that has sent shockwaves through the developer community, a North Korean state-sponsored hacking group has successfully compromised the popular Axios ...

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

In-house software built in March with open-source components may include malware placed there by criminals. This isn’t a ...

Oops. A 60MB source map file just leaked Anthropic's entire roadmap.

Hackers are exploiting Anthropic's accidental Claude Code source leak to distribute Vidar and GhostSocks malware through fake ...

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.