Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Teenagers and younger kids are learning coded predator phrases like ‘MAP’ online, long before their parents have even heard of it

When I checked my 10-year-old daughter’s TikTok messages in early February 2026, I expected to find the usual mix of dance ...
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...
The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Midjourney engineer debuts new vibe coded, open source standard Pretext to revolutionize web design

It allows developers to treat text as a fluid substance that can be recalculated every single frame without dropping a beat.