Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Techzine Europe

Axios npm package compromised, posing a new supply chain threat

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
Bleeping Computer

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
GitHub

Myrlyn Package Manager GUI for Linux

Myrlyn is a graphical software package and repositories manager. You can use it to install, update or remove individual or multiple software packages or software ...
GitHub

Naareman/python-package-development

python-package-development is a Claude Code plugin that teaches Claude how to build Python packages the right way — using the hard-won wisdom of the R package ecosystem. For Python developers who want ...