Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
GitHub

Viewer for JSON files that can be GBs large.

Inspired by a Question on Software Recommendations, I wrote this viewer for very large JSON files. It can open files of 1.4 GB in size or even larger, as long as you have ~7 times the amount of RAM on ...
GitHub

Zepto.js – a minimalist JavaScript library

Zepto is a minimalist JavaScript library for modern browsers with a largely jQuery-compatible API. If you use jQuery, you already know how to use Zepto. See zeptojs.com for an extended introduction, ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
InfoWorld

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary ...