The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
Analytics Insight

How to Enable JavaScript in Windows: Easy Step-by-Step Guide

Overview: JavaScript powers essential website features like payments, videos, forms, and menus across modern browsers today.Enabling JavaScript in Windows brows ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

Microsoft's LinkedIn is scanning installed browser extensions without user permission

Researchers have determined that Microsoft's LinkedIn is scanning browser plug-ins and other information without permission, ...

New "BrowserGate" report claims LinkedIn secretly scans user browsers

LinkedIn calls it a smear campaign, but does not deny scanning people's browsers for extensions.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Register-Herald

A familiar crew fuels Jim Knowles’ defensive overhaul at Tennessee this spring

Jim Knowles has installed new defenses in a lot of places. Having familiar faces around is making the experience much smoother this spring at Tennessee. Volunteers coach Josh Heupel hired ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...