Cybernews

Axios patches critical vulnerability that allows attackers to steal cloud credentials

Axios, a widely used JavaScript library, is affected by a new critical vulnerability that enables attackers to chain exploits ...
The Tech Edvocate

Supply Chain Attacks Target Popular Open Source Tools: A Growing Threat

Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...
Morning Overview on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
CoinDesk

North Koreans hackers likely behind $286 million Drift Protocol exploit: Elliptic

Elliptic said Thursday the $285 million Drift Protocol exploit, the largest this year, carries “multiple indicators” of North Korea’s state-sponsored DPRK hacker group involvement. The research firm ...
MacRumors

Apple Issues Rare iOS 18 Security Update to Protect Against DarkSword Exploit

Apple today released a new build of iOS 18.7.7 and iPadOS 18.7.7, presumably with a fix for the DarkSword exploit. Apple told Wired that it would release an iOS 18 update for more devices, allowing ...
MacRumors

Apple to Issue Rare iOS 18 Software Update for DarkSword Exploit

Apple on Wednesday will issue software updates to devices still running iOS 18 to protect them from an exploit called DarkSword, which can silently take over an iPhone if it visits a website infected ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

“The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts,” a chief Google analyst said. North Korea-aligned ...
Android Police

I found 7 open source apps so good I'd actually pay for them

Irene Okpanachi is a Features writer, covering mobile and PC guides that help you understand your devices. She has five years' experience in the Tech, E-commerce, and Food niches. Particularly, the ...
CSOonline

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch deadline. Attackers have exploited a critical Langflow RCE within hours of ...
TechCrunch

Cohere launches an open source voice model specifically for transcription

Enterprise AI company Cohere on Thursday launched its first voice model: Transcribe is an open source automatic speech recognition model that can be used for tasks like note-taking and speech analysis ...