SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

The key is that researchers can see how Claude Code is meant to work but cannot recreate it because the leak does not include ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Security Boulevard

Google Says North Korea Was Behind the Axios npm Supply Chain Attack

A supply chain compromise involving the widely used JavaScript package Axios is now being tied to a North Korea-linked threat actor, turning what already looked like a serious open-source incident ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Source Code for Anthropic’s Claude Code Leaks at the Exact Wrong Time

After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...
Infosecurity Magazine

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

The malware, known as Phantom Stealer, collects browser credentials, cookies, saved passwords, autofill data and payment card ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...