Canadian defence-procurement agency expected to reduce $100-million contract minimum

Changes likely to take effect when the Defence Investment Agency becomes its own stand-alone entity, Stephen Fuhr says ...
Payload Asia

CEVA Logistics supports Watsons Thailand in expanding electric vehicle adoption

CEVA Logistics and Watsons Thailand announced the extension of their long‑standing logistics relationship to accelerate the ...
Payload Asia

DHL Express and SHEIN sign GoGreen Plus agreement to advance more sustainable logistics in cross-border E-commerce

Amy Yang, Global Head of Channel Logistics, SHEIN; Ethan Shen, Global Head of Supply Chain Logisitcs & Fulfilment, SHEIN; ...
WinBuzzer

DarkSword iOS Exploit Leaks on GitHub, Threatens Millions

A government-grade iOS exploit kit called DarkSword has been leaked on GitHub, putting hundreds of millions of iPhones ...
Cyber Daily

Government proposes 5 changes to SOCI Act in overhaul of ministerial directions powers

A newly released consultation paper suggests “targeted reforms” such as disclosure delays and restrictions on “high-risk ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Security firm Socket advised developers to check dependencies for affected Axios versions and remove or roll back compromised ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a cross-platform RAT. Axios sits in 80% of cloud environments. Huntress confirmed ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...