Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...
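Recently, the axios library, widely used across the front-end and Node.js ecosystem, suffered a serious supply chain poisoning attack with an extremely wide impact. The attacker did not exploit a code vulnerability but directly compromised a maintainer account and published malicious versions. The incident has far-reaching consequences for developers and warrants vigilance from all of them. As the most commonly used HTTP request library in front-end and Node.js development, the importance of axios goes without saying. This incident was not a logic flaw in the library itself but malicious poisoning caused by compromised account permissions; the harm is direct and it spreads extremely fast. I. ...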
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Overview: On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned in a supply chain attack. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...
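The 永信至诚 "Digital Wind Tunnel" security team detected a Node.js supply chain poisoning incident. The attacker uploaded two malicious versions of axios (1.14.1 and 0.30.4) to the npm registry; on installation, these versions automatically pull the malicious dependency package plain-crypto-js@4.2.1 ...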
Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...
MoonPay, the leading global crypto payments network, launched the Open Wallet Standard (openwallet.sh), an open-source standard that gives AI agents a secure, universal way to hold value, sign ...
Cybercriminals are advertising on criminal hacking online boards an Android remote access Trojan that can steal victims' WhatsApp conversation history, surveil them in real time and extract ...
Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux ...
Cybersecurity researchers disclosed on February 27, 2026, that a malicious Go module is harvesting terminal passwords and deploying the persistent Rekoobe Linux ...
Abstract: A threat has been reported in which an intentional electromagnetic interference (IEMI) generates a glitch in the input clock of a phase-locked loop (PLL) circuit, thereby causing a ...
Michael Svoboda is CEO of Liquity AG, where he leads development of the Liquity protocol and its governance-free stablecoin infrastructure for Ethereum. Under his leadership, Liquity has evolved from ...