Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.
NetEye Blog

Abusing trust boundaries between TLS and HTTP

When the access control decision is made at the TLS layer but the routing decision is made at the HTTP layer, you’re ...