Unknown attackers compromised the CPUID website, redirecting users to malware laden versions of popular tools.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Hackers are exploiting Anthropic's accidental Claude Code source leak to distribute Vidar and GhostSocks malware through fake ...

When trying to connect to the Remote Desktop on Windows, you may sometimes come across the CredentialUIBroker.exe 0xc000027b error. This error seems to be prevalent ...

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

事件概述2026 年 3 月 31 日，著名云安全平台 StepSecurity 监测到，在 JavaScript 生态系统中最受欢迎的 HTTP 客户端库 Axios（每周下载量超 3 亿次）遭遇了严重的供应链攻击。攻击者劫持了 Axios ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions ...

IT之家 3 月 31 日消息，安全研究机构 StepSecurity 昨天发文称，主流 JavaScript 库 Axios 的两个 npm 版本 [email protected]、[email protected] 被恶意植入远程控制代码。