SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.

Google says North Korean hackers behind major attack on Axios

North Korean hackers used an updated version of a known backdoor to target a popular npm package.
The Manila Times

Bazaarvoice launches Authentic Discovery API to ensure brand and retailer reviews are visible to AI search and shopping agents

Research shows AI agents are 20-40% less likely to select products when key information is missing - making accessible, high-quality reviews crucial to win at GEO ...
News Channel 3-12

John Roberts told Donald Trump exactly what he thinks

But during the momentous session, Roberts made plain his skepticism for the Trump position that would upend more than a ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Cyber Daily

The industry speaks: World Cloud Security Day 2026

The day itself dropped over the Easter break, but that doesn’t make this advice any less essential for Australian businesses and IT leaders.