Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Trump's new White House app is a security and privacy nightmare

President Donald Trump's new White House app is a privacy nightmare for some users. On Friday, the Trump administration ...
Windows Report

Hackers Spread Malware on GitHub Using Fake VS Code Alerts

Hackers target GitHub developers with fake VS Code alerts and CVEs, using malicious links to steal data and deliver malware.

Bubble AI app builder abused to steal Microsoft account credentials

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
WinBuzzer

Anthropic’s Claude Code Gets Auto Mode, Cowork Gains Desktop Control

Anthropic has launched auto mode for Claude Code and computer use for Cowork, expanding AI agent autonomy as revenue ...

AI-Native Subdomains Make AI-Ready Websites Without Technical Overhaul

AI agents struggle with modern, content heavy websites. It's slow and expensive to crawl. The markdown standard makes your ...