pull down to refresh

🚨 CRITICAL: supply chain attack on axios
1626 sats \ 8 comments \ @justin_shocknet 31 Mar devs
related
TanStack NPM Packages Compromisedgithub.com/TanStack/router/issues/7383
1054 sats \ 7 comments \ @hn 11 May tech
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaignthehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats \ 5 comments \ @Scoresby 23 Apr tech devs
Compromised npm package silently installs OpenClaw on developer machineswww.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats \ 4 comments \ @winteryeti 24 Feb AI
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats \ 3 comments \ @aljaz 16 Sep 2025 security
'Sha1-Hulud' npm malware is back
377 sats \ 0 comments \ @anon 28 Nov 2025 lightning
Lazarus Infects New Batch of JavaScript Packages With Crypto Stealing Malwaredecrypt.co/309669/lazarus-javascript-crypto-stealing-malware
1161 sats \ 0 comments \ @k00b 13 Mar 2025 security
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1497 sats \ 18 comments \ @kristapsk 8 Sep 2025 security
OpenAI's macOS app-signing was exposed to Axios supply chain attackopenai.com/index/axios-developer-tool-compromise/
783 sats \ 1 comment \ @k00b 12 Apr AI
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
263 sats \ 0 comments \ @hn 8 Sep 2025 tech
NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
517 sats \ 20 comments \ @ek 9 Sep 2025 security
Axios supply chain attack post mortemgithub.com/axios/axios/issues/10636
3212 sats \ 9 comments \ @WeAreAllSatoshi 3 Apr AI tech privacy devs
Critical Next.js Vulnerability Allows Attackers Bypass Middleware Authorizationthehackernews.com/2025/03/critical-nextjs-vulnerability-allows.html
304 sats \ 2 comments \ @ch0k1 25 Mar 2025 security
Supply Chain Attack in litellm 1.82.8 on PyPIfuturesearch.ai/blog/litellm-pypi-supply-chain-attack/
373 sats \ 0 comments \ @Scoresby 24 Mar devs
GitHub suffers a cascading supply chain attack compromising CI/CD secretswww.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
389 sats \ 2 comments \ @ch0k1 21 Mar 2025 security
Npm Run Hack:Me - A Supply Chain Attack Journeyrxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
661 sats \ 1 comment \ @k00b 12 Mar 2025 devs
Fake Ledger Nano S Plus's being sold on third-party marketplaces - BitcoinNewsx.com/BitcoinNewsCom/status/2044890362037125281
487 sats \ 3 comments \ @Scoresby 16 Apr news bitcoin
Hacking campaign compromised at least 16 Chrome browser extensionssecurityaffairs.com/172491/hacking/chrome-browser-extensions-compromise.html
266 sats \ 0 comments \ @nym 1 Jan 2025 security
I built an npm library for L402 Lightning payments
1312 sats \ 1 comment \ @satpath 25 Feb lightning devs
280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PIIsnyk.io/blog/openclaw-skills-credential-leaks-research/
1030 sats \ 1 comment \ @0xbitcoiner 6 Feb AI
How to Verify the Impact of the Recent NPM Attack on My Wallets?
430 sats \ 29 comments \ @spiderman 11 Sep 2025 bitcoin
How we rebuilt Next.js with AI in one weekblog.cloudflare.com/vinext/
1683 sats \ 4 comments \ @winteryeti 26 Feb tech