Hackaday

Reverse-Engineering The Holy Stone H120D Drone

There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Google says North Korean hackers behind major attack on Axios

North Korean hackers used an updated version of a known backdoor to target a popular npm package.
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Electronics For You

Time Lapse Timed Photography On Raspberry Pi Zero Board

We previously developed a time-lapse photography system based on the MaixCam platform, which performed remarkably well in ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Dark ReadingOpinion

Source Code Leaks Highlight Lack of Supply Chain Oversight

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Marketing Tech News

Malware on LinkedIn: advice for employers and jobseekers

An incident of LinkedIn malware means jobseekers and employers need to take more care with their applications and ...

If this project succeeds, your Time Capsule may not be killed off in macOS 27

A new GitHub project is trying to retrofit Apple's discontinued Time Capsule with modern SMB support. If this works, Time ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...