On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Google's Gary Illyes published a blog post explaining how Googlebot works as one client of a centralized crawling platform, ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Google's March core update is rolling out. Illyes explains Googlebot's crawling architecture, and Gemini referral traffic ...

Cybercriminals are increasingly prioritizing speed and scalability over technical sophistication. Rather than crafting highly ...

整理 | 郑丽媛出品 | CSDN（ID：CSDNnews）继上周，每月下载量高达 9700 万的 Python 库 LiteLLM 被投毒后，本周 JavaScript 生态中几乎所有前端开发者都用过的 HTTP 客户端库 Axios 也“惨遭毒手 ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

LeakNet may be expanding its reach and scaling up, changing techniques and running campaigns directly, but the ransomware operator’s use of a repeatable post-exploitation sequence gives defenders a ...

朝鲜这个国家，在大多数人的认知里应该是相当封闭落后的。但他们的网络攻击能力，一直被严重低估。从 2014 年的索尼影业攻击，到 2017 年的 WannaCry 勒索病毒，再到这次对 npm 生态的精准打击，朝鲜黑客的技术水平和作战纪律一点也不「落后 ...

أدى هطول الأمطار إلى انتعاش ربيع منطقة آليان بريف جل آغا وكركي لكي في الجزيرة، وذلك بعد سنوات من الجفاف، لتتحول طبيعة هذه ...

事情的起点，是 npm 上发布的 Claude Code 2.1.88 安装包。包里混进了一个本不该公开的 map 文件。这类文件原本只是开发阶段的调试工具，用来在代码被压缩、打包之后，依然能把报错信息对应回原始源码中的具体位置。