On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...

Windows 11 KB5086672 is now rolling out as an optional update with several notable improvements after March 2026 update ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

Each tab can be its own world, if you actually configure it.

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...