Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
Decrypt

Anthropic Accidentally Leaked Claude Code's Source—The Internet Is Keeping It Forever

Anthropic is scrambling to contain the leak, but the AI coding agent is spreading far and wide and being picked apart.

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

The White House Launched Its Own App With A Glaring Privacy Issue

A new White House app promises direct access to the administration, but its data collection and app behavior raise some ...

Claude Code leak explained: What Anthropic accidentally revealed

Anthropic accidentally leaked key details of its AI tool Claude Code.

Why the axios supply chain attack should have Apple worried

Critical digital infrastructure is increasingly maintained by under‑resourced individuals, yet exploits have economic and ...

Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

D.C. Council advances single-stair building legislation for midsized multifamily buildings

The D.C. Council has advanced a so-called “single-stair” policy that lawmakers and advocates say would facilitate housing ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

How AI has suddenly become much more useful to open-source developers

More open-source developers are finding that, when used properly, AI can actually help current and long-neglected programs.
Analytics Insight

Axios Supply Chain Attack Exposes Crypto Wallets to Hidden Malware Risk

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...