InfoWorld

Local-first browser data gets real

Wasm, PGlite, OPFS, and other new tech bring robust data storage to the browser, Electrobun brings Bun to desktop apps, ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
CSO Online

Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative

WordPress's massive installed base isn't going anywhere, but many developers and AI agents are not opting for the product for ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
GitHub

[email protected] and [email protected] are compromised

Most likely, a maintainer's GitHub and npm accounts are compromised as these issues are getting deleted. I have also reported this as a vulnerability, so that a CVE can be generated.