The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...