GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Claude Code unintentionally open source: Source map reveals all

The source code of Anthropic's CLI tool Claude Code was accidentally made publicly accessible via a source map in the npm ...
WinBuzzer

Anthropic Leaks Claude Code Source via Npm Source Map

Anthropic has accidentally exposed Claude Code's full 512,000-line TypeScript source via an npm source map, revealing ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...

Google fixes fourth Chrome zero-day exploited in attacks in 2026

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...