However, a decisive moment arrived when the Interministerial Digital Directorate (DINUM) announced a comprehensive plan to migrate all government ministries from Windows to Linux. By autumn 2026, each ministry must submit a roadmap detailing their transition strategies.

This migration will affect approximately 2.5 million civil servants, marking a significant change in how governmental operations are conducted. The transition also includes replacing applications like Microsoft Teams and Zoom with alternatives such as ‘Visio’ and ‘Tchap’.

Moreover, the French government has set a deadline for moving critical state data away from U.S. cloud providers by the end of 2026. This decision aligns with France’s broader goal of ensuring that its public infrastructure remains transparent and auditable.

David Amiel, a key figure in this initiative, emphasized the necessity of regaining control over digital tools, stating, “We can no longer accept that our data, our infrastructure, and our strategic decisions depend on solutions whose rules, pricing, evolution, and risks we do not control.”

Historically, France has been proactive in adopting open-source solutions. The Gendarmerie Nationale, for instance, began its migration to open source in 2004, developing ‘GendBuntu’, a custom version of Ubuntu Linux, which is now used on over 100,000 workstations.

This shift mirrors similar movements in other regions, such as Germany’s Schleswig-Holstein, which announced plans to switch 30,000 PCs to LibreOffice and Linux.

As France embarks on this significant transition, the implications for data sovereignty and digital independence are profound. The move is not just about changing software; it represents a strategic pivot towards self-reliance in the digital realm.

Details remain unconfirmed regarding the specific challenges that ministries may face during this transition, but the commitment to a more open and controlled digital environment is clear.

The post Free Windows PC Upgrade Google: France’s Shift to Linux appeared first on News Casino.

On March 31, 2026, the npm account of an axios maintainer was compromised, leading to the publication of two malicious versions of the popular JavaScript library. The versions, labeled v1.14.1 and v0.30.4, were available for download for approximately three hours before being removed from the npm registry.

The malicious packages included a dependency on a trojanized package named plain-crypto-js, which was designed to execute platform-specific payloads. These payloads functioned as lightweight remote access trojans (RATs), posing significant risks to users and organizations utilizing axios in their applications.

Axios is widely used for making HTTP/S requests in JavaScript applications, and the attack had a considerable impact, affecting approximately 80% of cloud and code environments that rely on the library. The malicious versions of axios were downloaded around 100 million times per week, raising concerns about the potential scale of the compromise.

According to reports, the malicious versions included a dropper that could download and execute additional payloads on affected systems. Initial assessments indicated that about 3% of environments observed execution of the malicious code, with beacons reaching out to a command and control (C2) server every 60 seconds.

Organizations are strongly advised to audit their environments for potential execution of these versions. The attack was particularly significant due to axios’s extensive use as a transitive dependency across millions of applications, which could lead to widespread vulnerabilities.

Experts noted that the attacker may have gained access to repository access, signing keys, API keys, or other sensitive information that could be used to backdoor future releases or compromise backend systems and users. Additionally, any post-infection inspection of the package manifest for plain-crypto-js would reveal a clean appearance, complicating detection efforts.

This incident underscores the importance of security in open-source software development and the need for vigilant monitoring of dependencies. As the situation develops, further information may emerge regarding the extent of the impact and the measures organizations should take to protect their systems.

The post Axios Maintainer Account Compromised, Malicious Versions Published appeared first on News Casino.