The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
How-To Geek on MSN

Stop using Claude as just a chatbot—MCP changes everything

MCP is the MVP.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
GitHub

The highest-scoring AI memory system ever benchmarked. And it's free.

Every conversation you have with an AI — every decision, every debugging session, every architecture debate — disappears when ...
Techrights

Links 09/04/2026: Microsoft Attacking VeraCrypt and "Canada’s New Surveillance Law"

A federal appeals court in Washington DC today rejected Anthropic PBC’s request for a stay in its lawsuit against the ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
How-To Geek on MSN

I replaced 3 paid productivity apps with one simple Python script

If you're paying for software features you're not even using, consider scripting them.