Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

KushoAI Launches APIEval-20, the First Open Benchmark for AI API Test Generation

-- No existing benchmark measured whether AI agents can find real API bugs from a schema and payload alone -- 100+ downloads in first week by developers and contributors; freely available on ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential harvesting campaign.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

EnforceAuth Announces Integration NVIDIA OpenShell to Deliver Continuous Authorization Governance AI Agent Deployments

Somewhere in your enterprise, An AI agent is running right now that shouldn’t be.... SAN DIEGO, CA, UNITED STATES, ...