North Korean hackers used an updated version of a known backdoor to target a popular npm package.

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...

In my Sex, Drugs, and Artificial Intelligence class, I have strived to take a balanced look at various topics, including ...

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Two versions of the widely used JavaScript library axios were maliciously published on npm on March 31, 2026. A hijacked ...