The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Techzine Europe

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign is currently targeting developers via GitHub. Attackers are exploiting the Discussions feature to spread fake security ...
MUO on MSN

I wanted a lightweight self-hosted Google Drive alternative — this single-binary web app is almost perfect

This tiny app replaces Google Drive entirely.