The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Anthropic’s biggest AI leak yet: How Claude Code spill exposed secrets and sparked chaos

AI firm Anthropic accidentally leaked its Claude Code source code via an npm package, revealing unreleased features like an ...
BankInfoSecurity

Shadow AI, Data Leaks, and the Browser Problem No One Is Solving

The browser has quietly become the most critical—and least protected—layer of the modern enterprise. As work shifts to SaaS ...

Anthropic's Boris Cherny, creator of $2.5 billion coding tool, makes a ‘clarification ...

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...
Windows Latest

Google Chrome’s new native video and audio lazy loading could make the web faster

Google Chrome and other Chromium-based browsers, including Edge and Vivaldi, could soon get native support for video and ...
Windows Report

Hackers Breached Axios npm by Impersonating Companies and Hijacking Maintainer Access

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

Y Combinator’s CEO says he ships 37,000 lines of AI code per day. A developer looked under the hood

After Garry Tan touted his agentic coding output, a developer found inefficiencies, code bloat, and rookie mistakes lurking ...

IRAN-CRISIS/

A man stands in his home near a synagogue, which was damaged in a strike, Tuesday in Tehran, Iran.

How I vibe-coded a web tool in three days with no programming experience

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

ENFORCEAUTH IDENTIFIES AUTHORIZATION FAILURES AS ROOT CAUSE OF ANTHROPIC’S THREE SECURITY ...

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...
Opinion
Foreign AffairsOpinion

America and Israel Have Different Endgames in Iran

But it has done little to resolve the strategic incoherence at the heart of the U.S.-Israeli campaign that neither government has been willing to acknowledge publicly: the two partners have been ...