Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Build your first fully functional, Java-based AI agent using familiar Spring conventions and built-in tools from Spring AI.
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...
Cryptopolitan on MSN
Axios supply chain attack raises risk to crypto wallets
Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...
North Korean hackers used an updated version of a known backdoor to target a popular npm package.
After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...
Tom's Hardware on MSN
One of JavaScript's most popular libraries compromised by hackers
An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...
archinstall 4.0 replaces the curses interface with Textual, adds firewall and UKI support, and fundamentally modernizes the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results