Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Security Boulevard

CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive

UTC, Aikido Security detected an unusual pattern across the npm registry: dozens of packages from multiple organizations were receiving unauthorized patch updates, all containing the same hidden ...
Digital Production

dy Install Libs adds Library Manager to Houdini

Library Manager lands in dy Install Libs with one-click library install, enable, and disable for Houdini packages.