Microsoft

Threat actor abuse of AI accelerates from tool to cyberattack surface

Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. Learn ...

ENFORCEAUTH IDENTIFIES AUTHORIZATION FAILURES AS ROOT CAUSE OF ANTHROPIC’S THREE SECURITY INCIDENTS IN FIVE DAYS

Analysis Shows Production-Deployable Rego Policies Would Have Prevented CMS Data Exposure, 500K-Line Source Code Leak, ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

New Rowhammer attacks give complete control of machines running Nvidia GPUs

A separate mitigation is to enable Error Correcting Codes (ECC) on the GPU, something Nvidia allows to be done using a ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios maintainers.

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and ...
Cyber Daily

Code red: North Korean hackers behind compromised Axios npm package

Experts have pinned the attack on “one of npm’s most depended-on packages” on hackers backed by the Democratic People’s ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Security Boulevard

Anthropic Claude Code Leak

IntroductionOn March 31, 2026, Anthropic accidentally exposed the full source code of Claude Code (its flagship ...

Apple expands iOS 18 updates to more iPhones to block DarkSword attacks

Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...