The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

Workers plan to halt strike at major US meatpacking plant and resume negotiations

Workers at one of the nation’s largest meatpacking plants plan to return to work next week and halt a three-week strike in ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
CSO Online

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data ...
KRDO

Former Pikes Peak State College professor faces 77 counts of sexual assault on minor student

The El Paso County Sheriff's Office (EPSO) has arrested a 48-year-old former Pikes Peak State College professor for an ...