Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...

SORBA.ai Releases Version 10.7: Integration with Inductive Automation Ignition SCADA 8.3 & Expanded AI Model Creation

Major release delivers seamless Ignition SCADA, enterprise-grade security, advanced ML algorithms, and private cloud ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

The Debranding Dilemma: New Research Reveals a 1.8x Effectiveness Gap for Simplified Logos

Meta-analysis of 1,000 logos highlights the critical role of characters, icons, and the "Golden Thread" in logo ...

We Tried Quilty, the AI Tool That Analyzes Scripts. The Results Were Shocking

We ran screenplay for three hits — and one notable bomb — to see what Quilty would say, and the results were surprising.

41 Years Later, One of Chuck Norris' Highest-Rated Crime Classics Resurfaces as a Streaming Hit

Code of Silence, Chuck Norris' best movie, Code of Silence, is a free streaming hit over 40 years later. Read on for more.

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.

Claude Code source leak reveals how much info Anthropic can hoover up about you and your system

For those who recall the debate surrounding Microsoft Recall not long ago, Claude Code's capture of activity is similar.
Techlomedia

Malicious Axios Versions Published on npm in Major Supply Chain Attack

A new report from StepSecurity has uncovered a serious supply chain attack involving Axios, one of the most widely used HTTP ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...