Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Dark Reading

The Forgotten Endpoint: Security Risks of Dormant Devices

The forgotten endpoint problem isn't a sophisticated supply chain attack or a novel vulnerability. It's basic blocking and ...

Microsoft removes Support and Recovery Assistant from Windows

Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support ...
MUO on MSN

Windows Terminal has profile-per-shell tabs that most people have never configured

Each tab can be its own world, if you actually configure it.
XDA Developers on MSN

I self-hosted my own Cloudflare Workers replacement, and it's incredibly simple

And more useful than I thought.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
DataBreachToday

Breach Roundup: German Police Expose REvil, GandCrab Boss

This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...
Engadget

The FBI confirms it's buying Americans' location data

During a Senate hearing, FBI Director Kash Patel confirmed that his agency has bought information that could be used to track individuals' movement and location. "We do purchase commercially available ...