Supply chain attacks feel like they're becoming more and more common.

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...

Gesture control robotics replaces traditional buttons and joysticks with natural hand movements. This approach improves user ...

LiteLLM, a massively popular Python library, was compromised via a supply chain attack, resulting in the delivery of ...