Over 1,700 malicious packages since Jan 2025 fuel cross-ecosystem supply chain attacks, enabling espionage and financial ...
UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
Wasm, PGlite, OPFS, and other new tech bring robust data storage to the browser, Electrobun brings Bun to desktop apps, ...
Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
Spread the loveIn a significant revelation in the landscape of cybersecurity, Google has attributed a recent supply chain ...
North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...
Axios functions as pre-built software that a developer can easily incorporate into a JavaScript project. However, a hacker ...
An attacker published five malicious npm packages targeting Ethereum and Solana developers. The packages steal private keys and send them to the attacker via Telegram. The attack relies on ...
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...
Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results