Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
eWeek

Anthropic Leaks Claude Code, a Literal Blueprint for AI Coding Agents

Anthropic’s Claude Code leak reveals how modern AI agents really work, from memory design to orchestration, and why the ...
MUO on MSN

I've tried every Windows launcher — and this is the first one that actually changed how I use my PC

I’ve used plenty, but this one rewired my daily workflow.
The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

AtlasCross RAT spreads via 11 fake domains registered October 27, 2025, enabling encrypted C2 control and persistence.
Cybernews

Venom Stealer touts fully automated malware pipeline for $250 a month, bypasses browser encryption

Venom Stealer is a new malware-as-a-service tool using ClickFix scams to steal credentials, hijack sessions and automate ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...