The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
GitHub

Accomplish – open-source Al coworker that lives on your desktop

Accomplish is an open source AI desktop agent that automates file management, document creation, and browser tasks locally on your machine. Bring your own API keys (OpenAI, Anthropic, Google, xAI) or ...

OpenClaw gives users yet another reason to be freaked out about security

Once the access is given, OpenClaw is designed to act precisely as the user would, with the same broad permissions and ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
The Tech Edvocate

North Korean Hackers Exploit Axios NPM Package in Major Supply Chain Attack

Spread the loveIn a worrying development for the cybersecurity landscape, North Korean hackers have successfully infiltrated the widely-used Axios NPM package, introducing backdoored versions of the ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
dlnews

Resolv Labs stablecoin plummets 80% as exploiter mints millions in unbacked USR tokens

Resolv Labs’ USR stablecoin plummeted after a private key exploit. The attacker minted 80 million USR tokens using less than $200,000 in collateral. Vault curators on Morpho with exposure to USR also ...
CoinTelegraph

Resolv says no assets lost as DeFi protocols respond to $24M USR exploit

Update (March 23, 2026, 3:00 am UTC): This article has been updated to include additional comments from Pashov security firm. Resolv Labs moved Sunday to reassure users after an exploit hit the ...