Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
vc.ru

Как работает JSON и почему без него не живет ни один frontend

Когда начинаешь разбираться во frontend или backend-разработке, JSON встречается буквально везде. Сначала это выглядит как просто какой-то формат с фигурными скобками, но со временем становится ...

Автоматическая карта API за минуты: что умеет Vespasian

Vespasian – открытый инструмент для поиска конечных точек API и автоматической сборки спецификаций по реальному HTTP-трафику.

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind majo…

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...
InfoWorld

How Apache Kafka flexed to support queues

The latest release of Apache Kafka delivers the queue-like consumption semantics of point-to-point messaging. Here’s the how, ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
vc.ru

Как я обошёл блокировку Anthropic для сторонних агентов и вернул все на подписку — пошаговый гайд

Сегодня Anthropic закрыла использование своих подписок в сторонних инструментах вроде OpenClaw — они больше не покрываются подпиской. А использование по API обходится во много раз дороже. Весь вечер ...
InfoQ

Safari Adds scrollend Event Support, Completing Baseline Browser Coverage

Safari's release of version 26.2 in December introduced support for the scrollend event, completing its alignment with major browsers. This event signals when scrolling has definitively ended, ...
CSO Online

6 ways attackers abuse AI services to hack your business

As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...

The Axios Hack: How a single compromised account put millions of developers at risk

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios ...

Claude Code's source code appears to have leaked: here's what we know

The leak provides competitors—from established giants to nimble rivals like Cursor—a literal blueprint for how to build a ...
The Hacker News

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The U.S. State Department has officially launched the Bureau of Emerging Threats, a new unit tasked with protecting U.S.