The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...

Daikin Industries Selects Outerport to Make Unstructured Engineering Design Data AI-Ready

Daikin Industries has selected Outerport as its core platform for extracting structured data from complex engineering ...

Why New Google-Agent May Be A Pivot Related To OpenClaw Trend

Why Shift of Googlers from Project Mariner to Gemini Agent may be related to the new Google-Agent crawler and the growing LAM competition.
Climate Control News

Daikin selects Outerport platform

Daikin Industries has selected Outerport as its core platform for extracting structured data from complex engineering ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...

Researchers disclose vulnerabilities in IP KVMs from four manufacturers

Researchers are warning about the risks posed by a low-cost device that can give insiders and hackers unusually broad powers in compromising networks. The devices, which typically sell for $30 to $100 ...