When Mike McClary decided to revive a discontinued flashlight that had once been one of his best sellers, he didn’t dust off the old supplier spreadsheet or spend weeks emailing factories. Instead, he opened Accio, an AI-powered sourcing assistant on Alibaba.com, and started a conversation. Within weeks he had a redesigned product, a recommended factory in Ningbo, and a projected
Tag: supply chain
Supply-chain alert: axios NPM package poisoned to deliver WAVESHAPER.V2 backdoor
A high-risk software supply chain attack has poisoned widely used axios npm releases, turning routine installs into a cross-platform compromise. Developers, CI/CD systems, and production pipelines that pulled the tainted axios versions (1.14.1 and 0.30.4) risked silently receiving a multi-stage backdoor that targeted Windows, macOS, and Linux hosts. Because axios sits deep in many dependency trees, a single malicious release
AstraZeneca Allegedly Targeted by LAPSUS$ — Claims of a 3GB Internal Data Dump
A known hacking collective identifying as LAPSUS$ has posted claims that it obtained and is attempting to sell a 3GB .tar.gz archive allegedly containing AstraZeneca internal data. As of the reports dated March 20, 2026, AstraZeneca had not issued a public statement confirming or denying the claim. What the threat actors presented The actors published teasers and screenshots on breach