Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
Tom's Hardware on MSN

One of JavaScript's most popular libraries compromised by hackers

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
PC World

Hackers know your social security number. Here’s how to stay safe

PCWorld explains how to protect your identity after hackers have likely accessed your Social Security Number through widespread data breaches. The guide covers freezing credit reports with major ...

JavaScript devs beware: this popular NPM package has been compromised by attackers

An extremely popular NPM package used in many JavaScript projects has been compromised and can wreak havoc on your machine if ...
Futurism

AI Tools Are Supercharging Hackers

It’s no secret that AI models have come a long way, from tools that can complete high school students’ homework to “vibe coding” assistants that can build entire apps in a fraction of the time it ...
Forbes

Iranian Hackers Are Using Elon Musk’s Starlink To Stay Online

As the attacks continue, Iranians have turned to Space X’s satellite internet technology — including one of the country’s most notorious hacker crews, which is claiming retaliatory cyberattacks ...
Bleeping Computer

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages. The attacks target government and public-sector ...
CNN

Pro-Iran hackers claim cyberattack on major US medical device maker

A cyberattack claimed by pro-Iran hackers has caused a “global network disruption” to a major US medical device maker, according to a company statement. Michigan-based Stryker “is experiencing a ...
Everyday Health

Should You Switch to the Wegovy Pill?

The arrival of the Wegovy pill (semaglutide), the first oral GLP-1 drug approved to treat obesity, means freedom of choice: Adults who are looking to lose weight and have at least one weight-related ...
TechCrunch

A suite of government hacking tools targeting iPhones is now being used by cybercriminals

Security researchers have identified a suite of powerful hacking tools capable of compromising iPhones running older software that they say has passed from a government customer into the hands of ...
Newsweek

Foreign Hacker Breached FBI Epstein Files in New York Office Cyber Incident

A foreign hacker compromised files tied to the FBI’s investigation of sex offender Jeffrey Epstein during a break‑in at the bureau’s New York Field Office in 2023, according to a source familiar with ...