InfoWorld

Internet Bug Bounty program hits pause on payouts

Researchers who identify and report bugs in open-source software will no longer be rewarded by the Internet Bug Bounty team.
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential harvesting campaign.
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

RxDB 17: Sync without server, access for AI agents

The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
TechLila

Homebrew Statistics 2026: Latest Data Insights

Explore Homebrew Statistics to uncover key usage trends, installs, and growth insights that help developers make smarter ...
OSTechNix

EmDash: The Secure, Fast TypeScript Successor to WordPress

EmDash is an open-source CMS built on Astro and Cloudflare. Featuring sandboxed plugins, AI-native tools, and 66% faster ...