A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
North Korean hackers used an updated version of a known backdoor to target a popular npm package.
Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ ...
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Uploads bring prompts and responses, but not project files, attachments, or AI-generated images. The rollout skips the UK, ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
Students graduating in today’s labor market are facing a reality that no previous generation has faced: a job market where ...
Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results