Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
Security Boulevard

Axios supply chain attack chops away at npm trust

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...

Claude Code 源码泄露,全面剖析【长文】

这件事最早发生在 2025 年 2 月,Claude Code v0.2.8 发布时,有人发现 npm 包的 cli.mjs 中内嵌了一段超长的 base64 编码字符串,解码后就是完整的 Type 源码。Anthropic 很快推了 v0.2.9 ...