InfoQ

npmx Reaches Alpha: Community Driven Alternative Browser for the npm Registry

Daniel Roe and over 250 contributors. It emphasizes speed and features absent in the official npmjs.com interface, such as ...
Dark Reading

Axios NPM Package Compromised in Precision Attack

The Axios JavaScript NPM package was recently compromised, representing one of the highest impact supply chain attacks against the open source development ecosystem in recent months. Axios is the most ...
Neowin

JavaScript devs beware: this very popular NPM package has been compromised by attackers

If you are a JavaScript developer, you’re likely familiar with Axios, the popular library with over 80 million weekly downloads. Developers use Axios to make network requests, handle form submissions, ...
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
Detroit Free Press

Mackinac Bridge closure ends. How long bridge was closed

This story has been updated with new information. The Mackinac Bridge Authority, which closed the Mackinac Bridge to all traffic from falling ice on Monday morning, April 6 — marking the 16th closure ...
CSOonline

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem. Attackers ...
The New York Times

Trump Hails Strike on Iranian Bridge, Warning ‘More to Follow’

Iran state media said eight people had been killed in the attack and dozens wounded. A local official said the bridge, in the mountains, was not yet in operation and that the people had been nearby ...
New York Post

Iran’s tallest bridge destroyed in US airstrikes as Trump warns of more destruction

President Trump warned Iran to make a deal now “before it is too late” on Thursday after US airstrikes took out Iran’s tallest bridge. Trump shared footage of the newly built span connecting Tehran ...
Bleeping Computer

Claude Code source code accidentally leaked in NPM package

Anthropic says it accidentally leaked the source code for Claude Code, which is closed source, but the company says no customer data or credentials were exposed. While Anthropic pledges support to the ...
CBS News

Insurer settles with owner, operator of ship that hit Baltimore's Key Bridge amid effort to limit liability in collapse

The company that insured Baltimore's Francis Scott Key Bridge has reached a $350 million settlement with the owner and operator of the cargo ship that hit the bridge in 2024. The settlement for ACE ...
IT News For Australia Business

Supply chain attack hits 100 million-download Axios npm package

A widely used JavaScript package used with over a hundred million weekly downloads has been compromised in a new supply chain attack to fetch a malware payload for Windows, Linux systems and macOS ...