The Hacker News

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active ...
BankInfoSecurity

Latest Anthropic Miscue Puts AI and Cyber Firms at Odds

The tension between AI developers and cybersecurity vendors is becoming increasingly apparent as new models show sudden leaps ...
The Tech Edvocate

Google Links Axios npm Package Attack to North Korean Cybercriminals

Spread the loveIn a significant revelation in the landscape of cybersecurity, Google has attributed a recent supply chain attack targeting the popular Axios npm package to a North Korean threat group ...
Network World

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...