ダウンロード数1億超、人気ライブラリ「Axios」を襲ったサプライ ...

オープンソースのJavaScript ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

DOM操作なしで多行テキストの高さを計算するという問題を解決した ...

2026年3月に公開されたTypeScriptライブラリ「Pretext」は登場するやいなやX(旧Twitter)などのSNSを中心にポストが拡散されました。Pretextはウェブ上のテキストの行数や高さを計算してくれるツールとのことですが、その話題 ...

Google Explains Googlebot Byte Limits And Crawling Architecture

Google's Gary Illyes published a blog post explaining how Googlebot works as one client of a centralized crawling platform, ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Google explains how crawling works in 2026

Google went through crawling, fetching, and the bytes it processes.
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Google Core Update, Crawl Limits & Gemini Traffic Data – SEO Pulse

Google's March core update is rolling out. Illyes explains Googlebot's crawling architecture, and Gemini referral traffic ...

攻撃の手口は?axios改ざんとマルウェアの仕組み

標的プラットフォームはWindows、macOS、Linuxとされ、主要なプラットフォームをすべて侵害可能とされる。そのため、当該バージョンのaxiosを直接インストールした場合や、axiosを利用しているパッケージや製品をインストールした場合は侵害 ...