PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

At a historic meeting in Islamabad, Vice President JD Vance and senior Iranian officials were seeking to make a fragile truce permanent. The length of the talks suggested the two sides remained ...

Developers using the axios package from npm may have downloaded a malicous version that drops a Remote Access Trojan ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

近日，前端与Node.js生态中广泛使用的 axios库遭遇了一次严重的 供应链投毒攻击，波及范围极广。 攻击者并非利用代码漏洞，而是直接入侵了维护者账号，发布了恶意版本。 这次事件对开发者的影响深远，值得所有开发者警惕。 axios作为前端和 Node.js开发中最常用的 HTTP 请求库，其重要性不言而喻。 此次事故并非库本身逻辑缺陷，而是账号权限失守引发的恶意投毒，危害直接且传播极快。 一、 ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Another supply chain security threat emerged this week with the compromise of Axios. It is a popular JavaScript HTTP library, but for three hours, it ...

London police arrest 212 people at protest over Palestine Action ban Police said on Saturday they had arrested 212 people at a protest in London's Trafalgar Square ‌opposing Britain's banning of the ...