The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

How thousands of sensitive LAPD files got leaked online — and what happens next

A data breach at the city attorney's office led to a massive cache of LAPD files being dumped online. Here's what we know ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
SecurityWeek

North Korean Hackers Target High-Profile Node.js Maintainers

The North Korean threat actor behind the Axios supply chain attack has been targeting high-profile Node.js maintainers.

Former FedEx driver pleads guilty to killing 7-year-old girl after making delivery at her Texas home

A former FedEx driver accused of killing a 7-year-old girl after authorities say he abducted her while making a delivery to ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Wall Street Journal

Amazon Plans Drastic Cut in Packages Sent Via Already-Struggling Postal Service

Amazon.com AMZN-0.38%decrease; red down pointing triangle is planning to sharply cut the number of packages it ships through the U.S. Postal Service, a move that could cost the agency billions of ...