Mastodawn

#Development #Reports
axios compromised on npm · Popular JavaScript HTTP client hit by supply chain attack https://ilo.im/16bt4y

_____
#Malware #JavaScript #HTTP #Library #Npm #Security #WebDev #Frontend #Backend

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.

N-gated Hacker News 21m ago

Wait, you wanted to uncover the secret literary masterpieces penned by #octogenarians, but got stopped in your tracks by a browser setting? 🤦‍♂️🔍 Perhaps the real art is in the delicate dance of toggling #JavaScript and #cookies, not in writing a novel at 85. 🍪💻
https://statmodeling.stat.columbia.edu/2026/03/25/what-major-works-of-literature-were-written-after-age-of-85-75-65/ #literarymasterpieces #techhumor #writingstruggles #HackerNews #ngated

@[email protected]38m ago

Wow axios got hit

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines
https://www.theregister.com/2026/03/31/axios_npm_backdoor_rat/

#WebDev #JavaScript #NPM

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios

The Register

Jan Marthedal Rasmussen 41m ago

City In A Bottle – A 256 Byte Raycasting System https://frankforce.com/city-in-a-bottle-a-256-byte-raycasting-system/ #javascript #rastergraphics #programming

City In A Bottle – A 256 Byte Raycasting System

Hello size coding fans. Today, I have something amazing to share: A tiny raycasting engine and city generator that fits in a standalone 256 byte html file. In this post I will share all the secrets…

Killed By A Pixel

Nemeski 1h ago

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

https://mander.xyz/post/49751549

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account - Mander

Lemmy

Alvin Ashcraft 🐿️2h ago

The TechBash 2026 Call for Speakers Ends Tonight!

https://www.jasongaylord.com/blog/2026/03/30/techbash-call-for-speakers-ends-tomorrow

#cfp #callforspeakers #callforpapers #devconference #nepa #poconos #kalahari #techbash #devcommunity #mvpbuzz #dotnet #ai #cloud #devops #javascript #python #testing

TechBash 2026 Call for Speakers Ends Tomorrow

The TechBash 2026 Call for Speakers is coming down to the wire, with submissions officially closing tomorrow, March 31 at 11:59pm Eastern. If you’ve been thinking about sharing your experience, insights, or hard‑won lessons with a passionate developer audience, this is your moment. TechBash has built a reputation for practical, community-driven content, and the conference is actively looking for speakers who want to educate, inspire, and spark meaningful conversations across the tech community.

Jason N. Gaylord

Gonçalo Valério 2h ago

"axios Compromised on npm - Malicious Versions Drop Remote Access Trojan"

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan

Just another Tuesday. Developing software is becoming a riskier business by the day.

#npm #javascript #nodejs #security #supplychain

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan - StepSecurity

Show thread

oatmeal 2h ago

@peter somebody commented the other day that if #Anthropic were so confident in their agentic tools #JavaScript would not be their language of choice for Claude Code.