Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...
Crowdfund Insider

Trojan Now Impacting Brazilian Financial Institution Clients, Malware Employs Advanced Stealth Tactics : Analysis

Cybersecurity researchers at Kaspersky’s Global Research and Analysis Team (GReAT) have spotlighted a highly evolved banking Trojan.
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
Security Boulevard

Hacked sites deliver Vidar infostealer to Windows users

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar infostealer.