Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
heise online

Java 26 with JVM optimizations, HTTP/3, and finally no Applet API

The current version, OpenJDK 25, was released in the fall of 2025, with many vendors offering Long-Term Support (LTS). Many companies use such releases as a stability anchor for migrations and ...