On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...

Axios, a hugely popular JavaScript library with 100 million weekly downloads, has been hit by a critical supply chain attack. In a recurring open-source security crisis, developers unknowingly pulled ...

Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public ...

A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and ...

I have eight years of experience covering Android, with a focus on apps, features, and platform updates. I love looking at even the minute changes in apps and software updates that most people would ...

Google has released Android 17 Beta 3 for the Pixel 6 and later. The previous beta arrived a month ago on February 26. Stable Android 17 is expected to arrive in June 2026. Just like with the second ...

A proposal endorsed Monday by President Trump to end the 40-day shutdown of the Department of Homeland Security (DHS) is taking fire from Democrats and conservative Senate Republicans, delaying a ...

On March 19, 2026, Trivy, Aqua Security’s widely used open-source vulnerability scanner, was reported to have been compromised in a sophisticated CI/CD-focused supply chain attack. Threat actors ...

Homeland Security: President Trump said he would take a “good, hard look” at a Republican proposal to end the shutdown of the Department of Homeland Security but did not commit to supporting it. The ...