Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Ubergizmo

Adobe Reader Zero-Day Exploit Uses Fake PDF Files To Steal User Data

A critical security vulnerability in Adobe Reader is being actively exploited by cybercriminals through a sophisticated and evolving ...
InfoWorld

Visual Studio Code 1.115 introduces VS Code Agents app

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
The Times-News

5 Courses with Guided Projects to Learn SQL Programming and JavaScript in 2026

In 2026, entry-level and transition roles often expect more than passive course completion. Employers want to see that you can write queries that answer business questions, work with browser logic, ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

Ingage Partners acquires fast-growing Mason-based software firm

The Fire Awards powered by 1819 Innovation hub, is the premier recognition program dedicated to honoring the trailblazers and ...

Covington-based golf simulator startup secures 50 franchises

In July 2025, Another Nine sold its first franchise. Now, less than two years later, it has hit the 50th store milestone.