Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Claude Code Leak 2026: Why Teams Are Turning to AICC for Stable Multi-Model AI API Integration

SHENZHEN, GUANGDONG, CHINA, April 3, 2026 /EINPresswire.com/ -- On March 31, 2026, Anthropic released version 2.1.88 of ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
CoinDesk

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Popular web-code library poisoned by malicious release

'This is unironically a malware nuclear missile.' ...

Claude Code Source Code Leak: Did Anthropic reveal its secret AI models? What it means for developers and users

Analysts believe the leak could impact the company’s reputation, especially as it is reportedly preparing for a $380 billion ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...