Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected
Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a cross-platform remote access trojan. The malicious releases target macOS, Windows, and Linux. They were live on the npm registry for roughly three hours before removal.Axios gets more than 100 million downloads per week. Wiz reports it sits in approximately 80% of cloud and code environments, touching everything from React front-ends to CI/CD pipelines to serverless functions. Huntress detected the first infections 89 seconds after the malicious package went live and confirmed at least 135 compromised systems among its customers during the exposure window.This is the third major npm supply ch [...]
Rating
Innovation
Pricing
Technology
Usability
We have discovered similar tools to what you are looking for. Check out our suggestions for similar AI tools.
Private Internet Access VPN review: Both more and less than a budget VPN
I came into this review thinking of Private Internet Access (PIA) as one of the better VPNs. It's in the Kape Technologies portfolio, along with the top-tier ExpressVPN and the generally reliable [...]
Anthropic rolls out Code Review for Claude Code as it sues over Pentagon blacklist and partners with Microsoft
Anthropic on Monday released Code Review, a multi-agent code review system built into Claude Code that dispatches teams of AI agents to scrutinize every pull request for bugs that human reviewers rout [...]
Claude Code's source code appears to have leaked: here's what we know
Anthropic appears to have accidentally revealed the inner workings of one of its most popular and lucrative AI products, the agentic AI harness Claude Code, to the public.A 59.8 MB JavaScript source m [...]
Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster
Web infrastructure giant Cloudlflare is seeking to transform the way enterprises deploy AI agents with the open beta release of Dynamic Workers, a new lightweight, isolate-based sandboxing system that [...]
Anthropic just shipped an OpenClaw killer called Claude Code Channels, letting you message it over Telegram and Discord
The hit open source autonomous AI agent OpenClaw may have just gotten mogged by Anthropic. Today, Anthropic announced Claude Code Channels, a way to hook up its own powerful Claude Code AI agentic har [...]
Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure
Endor Labs, the application security startup backed by more than $208 million in venture funding, today launched AURI, a platform that embeds real-time security intelligence directly into the AI codin [...]
In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now
Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1.88 of its @anthropic-ai/claude-code [...]