Supply chain attack hits 300 million-download Axios npm package

A widely used JavaScript package used with hundreds of millions of downloads has been compromised in a new supply chain ...
Decrypt

OpenClaw Developers Lured in GitHub Phishing Campaign Targeting Crypto Wallets

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

Daily Digest: S.F. Goldman Sachs employee files claim, how an entrepreneur is bringing wine to Wine Country

Goldman Sachs is facing allegations that it forced a San Francisco-based investment advisor into retirement with a 24-hour ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...

PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Parents, board members scramble to keep private school open after $13M debt scandal

The school, which has campuses in the South End, Jamaica Plain and Providence, Rhode Island, revealed last week that its ...
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
XDA Developers on MSN

I self-hosted my own Cloudflare Workers replacement, and it's incredibly simple

And more useful than I thought.

H33 Launches HICS for Free: The First Trust-less Software Scoring Tool with Post Quantum Cryptographic Proof

Free cryptographically verified code quality scoring for software procurement. The best software wins. Not the best ...
The Indiana Lawyer

Democrats storm out of Justice Department leaders’ briefing on the Epstein files

Democratic lawmakers on Wednesday stormed out of a closed-door briefing on the Jeffrey Epstein files by Justice Department leaders and said they would push to force Attorney General Pam Bondi to ...
AdExchanger

The JavaScript Overload; Whatever, AI Will Handle It

Why do individual web pages now require as much memory to run as an entire operating system did 30 years ago? Ad tech, baby.