The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply chains.

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Why Google’s New Gemma 4 AI is a Game-Changer for Your Laptop

Learn how to install and run Google's new Gemma 4 AI models locally on your PC or Mac for free, offline, and privacy-focused ...
Live Science on MSN

James Webb telescope spots stingray galaxy system that could solve the mystery of 'little red dots'

A study of the fascinating galaxy system nicknamed "The Stingray" suggests that mysterious little red dots could be a phase ...
New Scientist on MSN

Largest ever map of universe captures 47 million galaxies and quasars

The Dark Energy Spectroscopic Instrument (DESI) has finished the most detailed survey of the universe to date, and the ...
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...