The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
CNX Software

ESP32-S3 gets post-quantum encryption with Aethyr Edge Node open-source firmware

Aethyr Research has released post-quantum encrypted IoT edge node firmware for ESP32-S3 targets that boots in 2.1 seconds and ...
Tom's Hardware on MSN

Enthusiast installs Win 3.1X on bare metal Ryzen 9 9900X and RTX 5060 Ti system using floppy drive

Video shows bare-metal setup of Microsoft’s 1992 OS on a 2025 system, straight from its floppy install pack.