Pith Wave Signal

6 stories tagged #npm

Newest Most read
  1. Shai-Hulud Malware Exploits Software Supply Chains, Hits OpenAI and Microsoft
    tech

    Shai-Hulud Malware Exploits Software Supply Chains, Hits OpenAI and Microsoft

    A sophisticated malware campaign, Shai-Hulud, spreads through npm and PyPI, compromising major tech firms including OpenAI and Microsoft.

    2w ago 2 min read
  2. North Korean Hackers Compromise Axios Open Source Library
    tech

    North Korean Hackers Compromise Axios Open Source Library

    North Korean state-sponsored hackers targeted the Axios HTTP library maintainer, compromising a widely-used open source package and exposing thousands of organizations to credential theft.

    2mo ago 1 min read
  3. Anthropic Leaks Claude Code Source in NPM Packaging Error
    tech

    Anthropic Leaks Claude Code Source in NPM Packaging Error

    Anthropic accidentally exposed over 500,000 lines of Claude Code CLI source code due to a packaging mistake.

    2mo ago 1 min read
  4. Axios JavaScript Library Compromised in Sophisticated Supply Chain Attack
    tech

    Axios JavaScript Library Compromised in Sophisticated Supply Chain Attack

    Hackers infiltrated the Axios npm package, deploying remote access trojans across Windows, macOS, and Linux systems. Developers must act immediately to mitigate widespread compromise.

    2mo ago 1 min read
  5. Malicious Axios NPM Releases Compromise Developer Systems
    tech

    Malicious Axios NPM Releases Compromise Developer Systems

    Security firms warn developers after malicious code found in popular JavaScript library Axios.

    2mo ago 1 min read
  6. Invisible Code Threatens GitHub and Software Repositories
    tech

    Invisible Code Threatens GitHub and Software Repositories

    Hackers exploit hidden Unicode characters to conceal malicious payloads in software supply chains, bypassing AI and human review.

    2mo ago 1 min read