The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Security Boulevard

Which Came First: The System Prompt, or the RCE?

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude ...
Arabian Post

BlankGrabber cloaks theft with fake certificate

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
PCMag

The Power of Plain English: Build Professional Apps With Base44

With the arrival of the Base44 vibe-coding platform, natural language could be the new language of software development.
VnExpress International on MSN

How a self-taught Vietnamese high schooler built the malware that infected 94,000 computers worldwide

International cybersecurity firms had been tracking a sophisticated malware strain called PXA Stealers for months, tracing it ...
Make Tech Easier

Use Pake to Turn Websites Into Desktop Apps — No Bloat, No Browser Dependency

Turn any website into a desktop app with Pake. Create fast, lightweight apps without browser dependency or bloat.
Make Tech Easier

ShellGPT: Turn Your Words into Terminal Commands

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.