Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
MUO on MSN

I wanted a lightweight self-hosted Google Drive alternative — this single-binary web app is almost perfect

This tiny app replaces Google Drive entirely.
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.

Async Adds 100+ AI Models for Video, Image, Avatar and Music Generation

MIDDLETOWN, DE, UNITED STATES, March 24, 2026 /EINPresswire.com/ -- Async, the AI-powered content creation platform ...
XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
The Hacker News

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and ...

Redblocks Officially Launches AI-Based Large-Scale AI Translation Web Service ‘ForTransAI’

AI Translation Web Service ForTransAi Centered Design, Providing Large-Scale AI Selective Translation and Terminology ...
GitHub

Barrel file removal tool for JavaScript & TypeScript projects (ESM-only).

Barrel files are convenient, but they often come with trade-offs including: Performance and memory: they artificially inflate the module graph and slow down startup times, HMR, and CI pipelines.
GitHub

This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.

While assessing a web application, it is expected to enumerate information residing inside static files such as JavaScript or JSON resources. This tool tries to help with this "initial" recon phase, ...