Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

This beginner guide covers OpenClaw setup with a secure SSH tunnel and npm run scripts, plus tips for reconnecting after ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Robots just installed 100 MW of solar power at a major US project, signaling a shift toward AI-driven automation in renewable ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package ...

Supply chain attacks feel like they're becoming more and more common.