The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Most likely, a maintainer's GitHub and npm accounts are compromised as these issues are getting deleted. I have also reported this as a vulnerability, so that a CVE can be generated.

Claude Code, Anthropic’s top AI agent, just suffered a major source code leak. Version 2.1.88 exposed 512,000 lines of ...

Google has issued an update alert for 3.5 billion Chrome browser users following confirmation of a new zero-day attack ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...

'This is unironically a malware nuclear missile.' ...

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios ...

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...

Crypto users are facing a new security threat via fake Cloudflare CAPTCHA pages. The attack installs an infostealer built to siphon crypto wallet data.

Claude Code Source Code Leak Anthropic: Analysts believe the leak could impact the company’s reputation, especially as it is ...