The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

Just-released Version 1.113 of Microsoft’s Visual Studio Code editor emphasizes improvements ranging from chat customizations to support for MCP (Model Context Protocol) in Copilot CLI and Claude ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

It's not even your browser's fault.

Google has rolled out a new update for its Chrome browser, fixing several serious security issues. The latest version, Chrome ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...