Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...
The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...
Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...
はじめに:これは「エンジニアの話」ではない 2026年3月31日。世界中の開発者が使う「axios」というソフトウェア部品が乗っ取られた。 🚨 CRITICAL: Active supply chain attack on axios -- one ...
The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...
Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
XDA Developers on MSN
AI agents are a security nightmare for home labs, and Tailscale just shipped a fix
Stop putting your API keys everywhere ...
一部の結果でアクセス不可の可能性があるため、非表示になっています。
アクセス不可の結果を表示する