eWeek

Anthropic Opens Claude Cowork to All Paid Plans on macOS, Windows

Anthropic is expanding Claude Cowork on desktop, bringing its file-aware AI workflow tool to more paid users on macOS and ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...
How-To Geek on MSN

These 10 open-source apps built Linux into what it is today

On the server and on the desktop, these apps helped showcase what Linux can do.

Microsoft finally lets Windows 11 testers unlock experimental features without ViVeTool

The Windows Insider channels are also being simplified to Experimental and Beta.

Microsoft’s “commitment to Windows quality” starts with overhaul of beta program

One of those fixes is another overhaul for its Windows Insider Program, the public beta system that Microsoft has used since ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
PCMagOpinion

Microsoft Is Finally Fixing Windows 11's Web App Problem. It's About Time

Windows 11 is full of web apps that make your PC slower and less enjoyable to use, so I'm excited about the prospect of a ...

Windows 11 will be force-updated to version 25H2 using machine learning

According to Microsoft's latest timeline, Windows 11 25H2 will soon be rolled out to all devices running the Home and Pro ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...