Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
Nature

‘Treasure trove’ of antiviral proteins could inspire powerful molecular tools

Two research teams mined genomic data from bacteria to create databases containing thousands of antiviral defence proteins ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Anthropic accidentally exposed Claude Code source, raising security concerns

The exposure traces back to version 2.1.88 of the @anthropic-ai/claude-code package on npm, which was published with a 59.8MB ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
ESPN

2026 FIFA World Cup: Format, groups, full match schedule, more

The 2026 FIFA World Cup in the United States, Canada and Mexico is fast approaching. Here's what to know about the tournament's format, groups and more. The World Cup draw on Dec. 5 separated 48 teams ...