Dark Reading

Axios NPM Package Compromised in Precision Attack

The NPM package for Axios, a popular JavaScript HTTP client library, was briefly compromised this week, possibly by North ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
The New York Times

Nature Report, Killed by Trump, Is Released Independently

A draft assessment of the health of nature in the United States is grim but shot through with bright spots and possibility. By Catrin Einhorn Scientists and other experts were preparing a first-of-its ...