Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

The plugin allows developers to run Codex reviews and delegate tasks directly within Anthropic’s Claude Code environment ...

Microsoft plans major WSL improvements in Windows 11 2026, with faster file performance, better networking, and easier setup ...

OpenAI published a Codex plugin on March 30 that installs directly inside Anthropic’s Claude Code, letting developers run code reviews and delegate tasks to Codex without leaving their existing ...

Gnata, “a pure-Go implementation of JSONata 2.x”, was built in just seven hours, $400 in tokens and a 1,000x speedup on common expressions.

Neovim 0.12 introduces a native plugin manager and puts an end to "Press ENTER". The goal is an out-of-the-box editor.

OpenClaw gives your AI agent real system access, but that comes with real security risks. Here's how to experiment safely ...