Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
The Hacker News

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

Storm-1175 exploits 16+ CVEs since 2023, including zero-days, enabling rapid Medusa ransomware attacks within 24 hours.
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
How-To Geek on MSN

PowerShell does 3 things Windows Settings simply can't, no matter how hard you try

PowerShell unlocks powerful Windows features you can’t access in Settings. Here are the ones actually worth using.
How-To Geek on MSN

5 PowerShell commands that fix Windows problems faster than any PC optimizer ever could

Special optimization apps promise to fix your PC, but you don't need them—PowerShell can do it better.

Microsoft links Medusa ransomware affiliate to zero-day attacks

Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware ...
ESX Virtualization

StarWind HCI Appliances: Storage Virtualization, Synchronous Replication, and Bulletproof Support

If you’re like me and have spent years wrestling with traditional three-tier infrastructure in small-to-medium businesses or remote office/branch office ...