The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...

Wasm, PGlite, OPFS, and other new tech bring robust data storage to the browser, Electrobun brings Bun to desktop apps, ...

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...

Gnata, “a pure-Go implementation of JSONata 2.x”, was built in just seven hours, $400 in tokens and a 1,000x speedup on common expressions.

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...

Cloudflare created an open-source CMS it calls a "spiritual successor to WordPress" — but WordPress is having none of it.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...