A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
Anthropic accidentally released part of the internal source code for its AI-powered coding assistant Claude Code due to ...
Anthropic has exposed Claude Code's source code, with a packaging error triggering a rapid chain reaction across GitHub and ...
Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...
Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results