Iran and US agree to conditional two-week ceasefire and opening of Hormuz strait

Pakistan says it will host talks between the two sides on Friday. Israel says it supports the ceasefire but it "does not ...
Cyber Daily

Your developers work for cyber gangs

In-house software built in March with open-source components may include malware placed there by criminals. This isn’t a ...

Hegseth says Iran ceasefire offers 'chance at real peace' as both sides claim victory

Pakistan says it will host talks between the two sides on Friday. Israel says it supports the ceasefire but it "does not ...

7 Days: Humans flying near the moon, Gmail address change, and Instagram's paid version7 Days: Humans flying near the moon, Gmail address change, and Instagram'…

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about humans flying near the moon, Netflix refunding ...

North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

North Korean hackers pushed out malicious updates to a popular open source project by hacking a top developer's computer in a ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...

Iranian intelligence chief assassinated in US-Israeli strike

Legal experts have said deliberately targeting civilian infrastructure, as Trump threatened to do in his post, is a potential ...
The Hacker News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Cyber Daily

Code red: North Korean hackers behind compromised Axios npm package

Experts have pinned the attack on “one of npm’s most depended-on packages” on hackers backed by the Democratic People’s ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...