After details of a yet-to-be-announced model were revealed due to the company leaving unpublished drafts of documents and ...

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

North Korean hackers used an updated version of a known backdoor to target a popular npm package.

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

�� CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls ...