π€ Technology & AI
Today's top 4 stories, curated by Daily Direct.
Ransomware groups claimed 7,655 attacks over a single year, offering one of the most granular public datasets yet on the scale of the threat. The breakdown by criminal group, industry sector, and country reveals which targets are being hit hardest and which actors are driving volume. For security teams and policymakers alike, the numbers put hard data behind what has long been anecdotal alarm.
Read article βMalicious versions of Axios β one of the most widely used JavaScript HTTP libraries β were briefly published to NPM, carrying a Remote Access Trojan capable of giving attackers full system control. The compromise highlights the persistent and growing threat of supply chain attacks targeting high-trust, high-download packages that developers often pull without scrutiny. Teams using Axios should audit their dependency versions and lockfiles immediately.
Read article βNorth Korean state-sponsored hackers compromised Axios, one of the most widely used open-source JavaScript libraries, embedding malware into a project downloaded tens of millions of times each week. The attack represents a significant supply chain threat, potentially exposing countless developers and end users to malicious code. The incident underscores the growing vulnerability of open-source infrastructure as a vector for nation-state cyberattacks.
Read article βLiteLLM has cut ties with compliance startup Delve following a damaging malware incident last week that resulted in credential theft. The AI gateway company had relied on Delve to obtain two security compliance certifications, making the breach a significant reputational blow. The split raises pointed questions about the security posture of fast-moving AI infrastructure startups and the vendors they trust with sensitive credentials.
Read article βJoin thousands of readers who get the world's most important stories, curated daily.
Start reading free β