The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
IndianWeb2

Cloudflare Launches EmDash as WordPress Alternative with Built‑In Security and Payments

EmDash, the secure serverless CMS successor to WordPress, fixes plugin risks and empowers global publishing in the AI era.

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Slate

What Could Go Wrong?

This essay is adapted from Monsters: The Hindenburg Disaster and the Birth of Pathological Technology, by Ed Regis, published by Basic Books. A pathological technology is a triumph of emotional ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
PCMag

Hacker Tries to Spread Malware to Millions by Hitting 'Axios NPM' Software

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...
ProPublica

ProPublica — Investigative Journalism and News in the Public Interest

During Donald Trump’s second presidency, ProPublica will focus on the areas most in need of scrutiny. Here are some of the issues our reporters will be watching — and how to get in touch with them ...