Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Federal Judge Approves Trump Effort to Obtain List of Jews From Penn

The government’s effort to collect the names and phone numbers of Jewish people on campus as it investigates antisemitism has ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
The Armenian Weekly

Breaking the cycle: Kima Harutyunyan on art, women and invisible labor

While scrolling through Facebook, I noticed a post titled “Forced Service.” It featured a mandala-shaped composition in which ...
The TyeeOpinion

Please Advise! Can Avi Lewis Save the NDP?

This weekend the federal NDP chose Avi Lewis as their new leader on the first ballot, with 56 per cent of the vote. Edmonton ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
The Tyee

The Fight Isn’t Over for Francisco Barahona

After a two-and-a-half-year delay, BC Cancer finally offered treatment. But now he must pay his medical bills before care ...
Next City

The Weekly Wrap: City and State Governments Move Quickly To Erase César Chavez From Public Spaces

After stunning allegations of sexual abuse by the late labor rights icon César Chavez became public this month, city and ...
The Bakersfield Californian

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...