Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Security Boulevard

Axios Front-End Library npm Supply Chain Poisoning Alert

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

Supreme Court justices appear sceptical over Trump's changes to US birthright citizenship rules

The highest court is hearing arguments about whether children born in the US to non-resident parents have a constitutional ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...
Hoodline

Warrant Raid Near Stoneview Elementary Jars Quiet Stonecrest Block

Warrant service on Chupp Road prompted a brief Stoneview Elementary lockdown; school officials say it wasn't involved.
WinBuzzer

Claude Code Source Leak Exposes Anti-Distillation Traps

Anthropic's Claude Code source has leaked via a packaging error, exposing anti-distillation traps, an undercover mode, and scaffolding for an unreleased agent.