A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...

Two banks with deep Dallas roots officially joined forces in a $785 million deal and the combined company now has $20 billion ...

A subsidiary of the Dallas-based biotech Lantern Pharma received federal approval to move ahead with its planned trial for a ...

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

Google Chrome and other Chromium-based browsers, including Edge and Vivaldi, could soon get native support for video and ...

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...

And more useful than I thought.