I finally quit Chrome for an open source browser, and I'm not looking back

I have eight years of experience covering Android, with a focus on apps, features, and platform updates. I love looking at ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...
The Caledonian-Record

Highflame Launches ZeroID, an Open-Source Identity Platform for Autonomous AI Agents

Highflame, an AI security company building agent control and governance infrastructure, today announced the open-source release of Highflame Identity Platform called ZeroID, a purpose-built identity ...
Dark Reading

Axios NPM Package Compromised in Precision Attack

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Claude Code Leak 2026: Why Teams Are Turning to AICC for Stable Multi-Model AI API Integration

SHENZHEN, GUANGDONG, CHINA, April 3, 2026 /EINPresswire.com/ -- On March 31, 2026, Anthropic released version 2.1.88 of ...

Malware campaign lures users with fake Windows Update website

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Anthropic leaks source code for Claude Code again: Here's what happened

Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.