ClickUp Data Leak Exposes Enterprise Emails for Over a Year

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...
Cybernews

Security researcher claims ClickUp vulnerability is leaking customer data

A security researcher disclosed that a hardcoded API key in ClickUp's production JavaScript bundle has exposed 959 email ...

LinkDaddy LLC Launches AI Verified to Solve SME Knowledge Graph Exclusion

AI Verified gives any registered business the machine-readable identity AI systems need to find and cite them — solving the ...

No-JavaScript fallbacks in 2026: Less critical, still necessary

Rendering isn’t always immediate or complete. Learn where no-JavaScript fallbacks still protect critical content, links, and ...
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
IEEE

Request Smuggling Via HTTP/2 Cleartext in the Wild: Empirical Testing with Differential Fuzzing

Abstract: The Request Smuggling Via HTTP/2 Cleartext (H2C Smuggling) attacks exploit vulnerabilities in the handling of HTTP request headers by proxy servers, allowing attackers to bypass security ...
Hosted on MSN

Supply chain attack hits Axios npm releases, users urged to rotate keys

Update March 31, 2026, 1:28 pm UTC: This article has been updated to add comments from Abdelfattah Ibrahim, senior offensive security engineer at Hacken. Two malicious Axios npm releases have prompted ...