Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Security Boulevard

Fake Temu Coin airdrop uses ClickFix trick to install stealthy malware

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.
marktechpost

Andrej Karpathy Open-Sources ‘Autoresearch’: A 630-Line Python Tool Letting AI Agents ...

The framework establishes a specific division of labor between the human researcher and the AI agent. The system operates on a continuous feedback loop where progress is tracked via git commits on a ...
Windows Report

Windows PowerShell Now Warns About Risky Web Scripts

As part of the December 2025 Patch Tuesday Update for Windows 11 version 23H2, 24H2, and 25H2, Microsoft made some changes to PowerShell 5.1. So, if you came across a new security warning in Windows ...
Bleeping Computer

Windows PowerShell now warns when running Invoke-WebRequest scripts

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. As Microsoft ...
GitHub

Generate PowerShell wrapper scripts from Python argparse parsers

argparse-ps1 automatically generates PowerShell (.ps1) wrapper scripts for Python scripts that use argparse. This provides native PowerShell tab completion and parameter binding for your Python ...