On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...

I'm celebrating Apple's 50th by being nice about it for once.

Your arrow keys deserve better.

The tests, conducted by NJ Tech, used identical hardware: an AMD Ryzen 5 5600X paired with a Radeon RX 6700 XT, alongside ...

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities.

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...