Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no ...

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...